diff --git a/Bibliography.bib b/Bibliography.bib new file mode 100644 index 0000000..9f12276 --- /dev/null +++ b/Bibliography.bib @@ -0,0 +1,1805 @@ +@article{AG-Analysis-Data-Knowledge, + title={Survey of Attack Graph Analysis Methods From the Perspective of Data and Knowledge Processing}, + author={Jianping Zeng and Shuang Wu and Yanyu Chen and Rui Zeng and Chengrong Wu}, + journal={Security Communications Networks}, + year={2019}, + volume={2019}, + pages={2031063:1-2031063:16} +} + +@article{AG-Analysis-Explan, + title = {Attack Graph Analysis: An Explanatory Guide}, + journal = "Computers \& Security", + volume = {126}, + pages = {103081}, + year = {2023}, + issn = {0167-4048}, + doi = {https://doi.org/10.1016/j.cose.2022.103081}, + url = {https://www.sciencedirect.com/science/article/pii/S0167404822004734}, + author = {Kengo Zenitani} +} + +@incollection{jajodia_topological_2005, + address = {Boston, MA}, + title = {Topological {Analysis} of {Network} {Attack} {Vulnerability}}, + isbn = {978-0-387-24230-9}, + url = {https://doi.org/10.1007/0-387-24230-9{\_}9}, + booktitle = {Managing {Cyber} {Threats}: {Issues}, {Approaches}, and {Challenges}}, + publisher = {Springer US}, + author = {Jajodia, Sushil and Noel, Steven and O'Berry, Brian}, + editor = {Kumar, Vipin and Srivastava, Jaideep and Lazarevic, Aleksandar}, + year = {2005}, + doi = {10.1007/0-387-24230-9{\_}9}, + pages = {247--266} +} + +@inproceedings{cao_assessing_2018, + address = {Cham}, + title = {Assessing {Attack} {Impact} on {Business} {Processes} by {Interconnecting} {Attack} {Graphs} and {Entity} {Dependency} {Graphs}}, + isbn = {978-3-319-95729-6}, + booktitle = {Data and {Applications} {Security} and {Privacy} {XXXII}}, + publisher = {Springer International Publishing}, + author = {Cao, Chen and Yuan, Lun-Pin and Singhal, Anoop and Liu, Peng and Sun, Xiaoyan and Zhu, Sencun}, + editor = {Kerschbaum, Florian and Paraboschi, Stefano}, + year = {2018}, + pages = {330--348}, +} + +@ARTICLE{8470942, + author={Husák, Martin and Komárková, Jana and Bou-Harb, Elias and Čeleda, Pavel}, + journal={IEEE Communications Surveys \& Tutorials}, + title={{Survey of Attack Projection, Prediction, and Forecasting in Cyber Security}}, + year={2019}, + volume={21}, + number={1}, + pages={640-660}, + doi={10.1109/COMST.2018.2871866} +} + +@misc{noauthor_health_1996, + title = {Health {Insurance} {Portability} and {Accountability} {Act} of 1996}, + note = {Pub. L. No. 104-191. 1996 [Online]. Available: https://www.govinfo.gov/content/pkg/PLAW-104publ191/html/PLAW-104publ191.htm}, +} + +@misc{PCI, + title = {Payment {Card} {Industry} {(PCI)} {Data} {Security} {Standard}}, + note = {{Available: https://www.pcisecuritystandards.org/documents/PCI{\_}DSS{\_}v3-2-1.pdf}}, + month = {May}, + year = {2018}, + author = {{PCI Security Standards Council}} +} + +@misc{fincen, + title={{Financial Crimes Enforcement Network, Title 31 U.S.C. 310}}, + year={2010}, + note={{Available: https://www.govinfo.gov/content/pkg/USCODE-2010-title31/html/USCODE-2010-title31-subtitleI-chap3-subchapI-sec310.htm}}, +} + +@misc{fdaqsr, + title = {Quality System Regulations}, + year = {1996}, + note = {Federal Register: Volume 61, Number 195. 1996 [Online]. Available: https://www.fda.gov/science-research/clinical-trials-and-human-subject-protection/quality-system-regulations}, + author = {{Food and Drug Administration}} +} + +@misc{nerccip, + title = {Critical Infrastructure Protection Reliability Standard CIP}, + year = {2020}, + note = {85 FR 8161. 2020 [Online]. Available: https://www.federalregister.gov/documents/2020/02/13/2020-02173/critical-infrastructure-protection-reliability-standard-cip-012-1-cyber-security-communications}, + author = {{Federal Energy Regulatory Commission}} +} + + +@article{centrality_causal, + title = {Node Centrality Measures Are a Poor Substitute for Causal Inference}, + volume = {9}, + issn = {6846}, + doi = {10.1038/s41598-019-43033-9}, + journal = {Scientific Reports}, + author = {Dablander, Fabian and Hinne, Max}, + year = {2019}, +} + +@inproceedings{Mieghem2018DirectedGA, + title={Directed Graphs and Mysterious Complex Eigenvalues}, + author={Piet Van Mieghem}, + year={2018}, + note={{Delft University of Technology.}} +} + +@article{Guo2017HermitianAM, + title={{Hermitian Adjacency Matrix of Digraphs and Mixed Graphs}}, + author={Krystal Guo and Bojan Mohar}, + journal={Journal of Graph Theory}, + year={2017}, + volume={85} +} + +@article{Brualdi2010SpectraOD, + title={{Spectra of Digraphs}}, + author={Richard A. Brualdi}, + journal={Linear Algebra and Its Applications}, + year={2010}, + volume={432}, + pages={2181-2213} +} + +@article {PMID:30064421, + title = {A Systematic Survey of Centrality Measures for Protein-Protein Interaction Networks}, + Author = {Ashtiani, Minoo and Salehzadeh-Yazdi, Ali and Razaghi-Moghadam, Zahra and Hennig, Holger and Wolkenhauer, Olaf and Mirzaie, Mehdi and Jafari, Mohieddin}, + DOI = {10.1186/s12918-018-0598-2}, + Number = {1}, + Volume = {12}, + Month = {July}, + Year = {2018}, + Journal = {{BMC Systems Biology}}, + ISSN = {1752-0509}, + Pages = {80}, + URL = {https://europepmc.org/articles/PMC6069823}, +} + +@Article{Katz, + author={Leo Katz}, + title={{A New Status Index Derived From Sociometric Analysis}}, + journal={Psychometrika}, + year=1953, + volume={18}, + number={1}, + pages={39-43}, + month={March}, + keywords={}, + doi={10.1007/BF02289026}, + abstract={No abstract is available for this item.}, + url={https://ideas.repec.org/a/spr/psycho/v18y1953i1p39-43.html} +} + +@article{ModKatz, + title={Katz Centrality of Markovian Temporal Networks: Analysis and Optimization}, + author={Masaki Ogura and Victor M. Preciado}, + journal={2017 American Control Conference (ACC)}, + year={2017}, + pages={5001-5006} +} + +@book{newman2010networks, + title={Networks: An Introduction}, + author={Newman, M.E.J.}, + isbn={9780191594175}, + url={https://books.google.com/books?id=sgSlvgEACAAJ}, + year={2010}, + publisher={Oxford University Press} +} + +@article{K_Path_Edge, + doi = {10.1016/j.knosys.2012.01.007}, + url = {https://doi.org/10.1016{\%}2Fj.knosys.2012.01.007}, + year = 2012, + month = {jun}, + publisher = {Elsevier {BV}}, + volume = {30}, + pages = {136--150}, + author = {Pasquale De Meo and Emilio Ferrara and Giacomo Fiumara and Angela Ricciardello}, + title = {A Novel Measure of Edge Centrality in Social Networks}, + journal = {Knowledge-Based Systems} +} + +@article{Adapted_PageRank, + title={An Algorithm for Ranking the Nodes of an Urban Network Based on the Concept of PageRank Vector}, + author={Taras Agryzkov and Jos{\'e} Luis Oliver and Leandro Tortosa and Jos{\'e}-Francisco Vicent}, + journal={Appl. Math. Comput.}, + year={2012}, + volume={219}, + pages={2186-2193} +} + +@article{PageRank, + title = {The Anatomy of a Large-Scale Hypertextual Web Search Engine}, + journal = {Computer Networks and ISDN Systems}, + volume = {30}, + number = {1}, + pages = {107-117}, + year = {1998}, + note = {Proceedings of the Seventh International World Wide Web Conference}, + issn = {0169-7552}, + doi = {https://doi.org/10.1016/S0169-7552(98)00110-X}, + url = {https://www.sciencedirect.com/science/article/pii/S016975529800110X}, + author = {Sergey Brin and Lawrence Page}, + keywords = {World Wide Web, Search engines, Information retrieval, PageRank, Google}, + abstract = {In this paper, we present Google, a prototype of a large-scale search engine which makes heavy use of the structure present in hypertext. Google is designed to crawl and index the Web efficiently and produce much more satisfying search results than existing systems. The prototype with a full text and hyperlink database of at least 24 million pages is available at http://google.stanford.edu/ To engineer a search engine is a challenging task. Search engines index tens to hundreds of millions of Web pages involving a comparable number of distinct terms. They answer tens of millions of queries every day. Despite the importance of large-scale search engines on the Web, very little academic research has been done on them. Furthermore, due to rapid advance in technology and Web proliferation, creating a Web search engine today is very different from three years ago. This paper provides an in-depth description of our large-scale Web search engine — the first such detailed public description we know of to date. Apart from the problems of scaling traditional search techniques to data of this magnitude, there are new technical challenges involved with using the additional information present in hypertext to produce better search results. This paper addresses this question of how to build a practical large-scale system which can exploit the additional information present in hypertext. Also we look at the problem of how to effectively deal with uncontrolled hypertext collections where anyone can publish anything they want.} +} + +@article{PageRank_Survey, + author = { Pavel Berkhin }, + title = {A Survey on PageRank Computing}, + journal = {Internet Mathematics}, + volume = {2}, + number = {1}, + pages = {73-120}, + year = {2005}, + publisher = "Taylor \& Francis", + doi = {10.1080/15427951.2005.10129098}, + URL = {https://doi.org/10.1080/15427951.2005.10129098}, + eprint = {https://doi.org/10.1080/15427951.2005.10129098} +} + +@inproceedings{dominance, + author = {Prosser, Reese T.}, + title = {Applications of Boolean Matrices to the Analysis of Flow Diagrams}, + year = {1959}, + isbn = {9781450378680}, + publisher = {Association for Computing Machinery}, + address = {New York, NY, USA}, + url = {https://doi.org/10.1145/1460299.1460314}, + doi = {10.1145/1460299.1460314}, + abstract = {Any serious attempt at automatic programming of large-scale digital computing machines must provide for some sort of analysis of program structure. Questions concerning order of operations, location and disposition of transfers, identification of subroutines, internal consistency, redundancy and equivalence, all involve a knowledge of the structure of the program under study, and must be handled effectively by any automatic programming system.}, + booktitle = {Papers Presented at the December 1-3, 1959, Eastern Joint IRE-AIEE-ACM Computer Conference}, + pages = {133–138}, + numpages = {6}, + location = {Boston, Massachusetts}, + series = {IRE-AIEE-ACM '59 (Eastern)} +} + +@article{10.1145/3491257, + author = {Li, Ming and Hawrylak, Peter and Hale, John}, + title = {Strategies for Practical Hybrid Attack Graph Generation and Analysis}, + year = {2021}, + publisher = {Association for Computing Machinery}, + address = {New York, NY, USA}, + issn = {2692-1626}, + url = {https://doi.org/10.1145/3491257}, + doi = {10.1145/3491257}, + abstract = {As an analytical tool in cyber-security, an attack graph (AG) is capable of discovering multi-stage attack vectors on target computer networks. Cyber-physical systems (CPSs) comprise a special type of network that not only contains computing devices but also integrates components that operate in the continuous domain, such as sensors and actuators. Using AGs on CPSs requires that the system models and exploit patterns capture both token- and real-valued information. In this paper, we describe a hybrid AG model for security analysis of CPSs and computer networks. Specifically, we focus on two issues related to applying the model in practice: efficient hybrid AG generation and techniques for information extraction from them. To address the first issue, we present an accelerated hybrid AG generator that employs parallel programming and high performance computing (HPC). We conduct performance tests on CPU and GPU platforms to characterize the efficiency of our parallel algorithms. To address the second issue, we introduce an analytical regimen based on centrality analysis and apply it to a hybrid AG generated for a target CPS system to discover effective vulnerability remediation solutions.}, + journal = {Digital Threats}, + month = {Oct}, + keywords = {attack graph, breadth-first search, cyber-physical system, high performance computing} +} + +@article{ZENITANI2023103081, + title = {Attack Graph Analysis: An Explanatory Guide}, + journal = "Computers \& Security", + volume = {126}, + pages = {103081}, + year = {2023}, + issn = {0167-4048}, + doi = {https://doi.org/10.1016/j.cose.2022.103081}, + url = {https://www.sciencedirect.com/science/article/pii/S0167404822004734}, + author = {Kengo Zenitani}, + keywords = {Attack graph, Exploit dependency graph, Cycle handling, Network security metrics, Network hardening, Bayesian attack graph}, + abstract = {Attack graph analysis is a model-based approach for network-security analysis. It analyzes a directed graph called an attack graph. Usually, each node in it corresponds to a malicious event caused by attackers, and the edges correspond to the causal relations between events. We can obtain an attack graph from the network topology, its configuration, and the distribution of vulnerabilities. An attack graph gives us various information relevant to network security. Also, there are several relevant algorithms to find desirable security controls applicable to the network. Over twenty years of research have made much progress in this field. However, it comprises a breadth of definitions and discussions, and it is difficult for people new to this field to comprehend the key ideas. This article aims to briefly introduce this method to prospective researchers by summarizing their progress by selecting and reviewing foundational studies. We elaborate on the essential concepts, such as exploit dependency, AND/OR graph, monotonicity, and cycle handling.} +} + +@article{Zeng2019SurveyOA, + title={Survey of Attack Graph Analysis Methods From the Perspective of Data and Knowledge Processing}, + author={Jianping Zeng and Shuang Wu and Yanyu Chen and Rui Zeng and Chengrong Wu}, + journal={Secur. Commun. Networks}, + year={2019}, + volume={2019}, + pages={2031063:1-2031063:16} +} + +@phdthesis{ming_diss, + author = {Li, Ming and Hawrylak, Peter and Hale, John}, + title = "A System for Attack Graph Generation and Analysis", + school = "The University of Tulsa", + year = "2021", + type = "{PhD} dissertation", + address = "Tulsa, OK", +} + +@phdthesis{noah_ths, + author = {Schrick, Noah and Hawrylak, Peter}, + title = "Compliance Graph Generation Techniques and Parallel Computing Implementations Using Message-Passing Interfaces", + school = "The University of Tulsa", + year = "2022", + type = "{MS} thesis", + address = "Tulsa, OK", +} + +@article{MO2019121538, + title = {Identifying Node Importance Based on Evidence Theory in Complex Networks}, + journal = {Physica A: Statistical Mechanics and Its Applications}, + volume = {529}, + pages = {121538}, + year = {2019}, + issn = {0378-4371}, + doi = {https://doi.org/10.1016/j.physa.2019.121538}, + url = {https://www.sciencedirect.com/science/article/pii/S0378437119309021}, + author = {Hongming Mo and Yong Deng}, + keywords = {Complex networks, Important nodes, Evidence theory, Multi-evidence centrality, Comprehensive measure}, +} + +@article{LI2018512, + title = {Identification of Influential Spreaders Based on Classified Neighbors in Real-World Complex Networks}, + journal = {Applied Mathematics and Computation}, + volume = {320}, + pages = {512-523}, + year = {2018}, + issn = {0096-3003}, + doi = {https://doi.org/10.1016/j.amc.2017.10.001}, + url = {https://www.sciencedirect.com/science/article/pii/S0096300317306884}, + author = {Chao Li and Li Wang and Shiwen Sun and Chengyi Xia}, + keywords = {Influential spreaders, Identification algorithms, Classified neighbors, Complex networks}, +} + + +@Article{sym11020284, + AUTHOR = {Agryzkov, Taras and Curado, Manuel and Pedroche, Francisco and Tortosa, Leandro and Vicent, José F.}, + title = {Extending the Adapted PageRank Algorithm Centrality to Multiplex Networks With Data Using the PageRank Two-Layer Approach}, + JOURNAL = {Symmetry}, + VOLUME = {11}, + YEAR = {2019}, + NUMBER = {2}, + ARTICLE-NUMBER = {284}, + URL = {https://www.mdpi.com/2073-8994/11/2/284}, + ISSN = {2073-8994}, + ABSTRACT = {Usually, the nodes’ interactions in many complex networks need a more accurate mapping than simple links. For instance, in social networks, it may be possible to consider different relationships between people. This implies the use of different layers where the nodes are preserved and the relationships are diverse, that is, multiplex networks or biplex networks, for two layers. One major issue in complex networks is the centrality, which aims to classify the most relevant elements in a given system. One of these classic measures of centrality is based on the PageRank classification vector used initially in the Google search engine to order web pages. The PageRank model may be understood as a two-layer network where one layer represents the topology of the network and the other layer is related to teleportation between the nodes. This approach may be extended to define a centrality index for multiplex networks based on the PageRank vector concept. On the other hand, the adapted PageRank algorithm (APA) centrality constitutes a model to obtain the importance of the nodes in a spatial network with the presence of data (both real and virtual). Following the idea of the two-layer approach for PageRank centrality, we can consider the APA centrality under the perspective of a two-layer network where, on the one hand, we keep maintaining the layer of the topological connections of the nodes and, on the other hand, we consider a data layer associated with the network. Following a similar reasoning, we are able to extend the APA model to spatial networks with different layers. The aim of this paper is to propose a centrality measure for biplex networks that extends the adapted PageRank algorithm centrality for spatial networks with data to the PageRank two-layer approach. Finally, we show an example where the ability to analyze data referring to a group of people from different aspects and using different sets of independent data are revealed.}, + DOI = {10.3390/sym11020284} +} + +@article{10.1093/bioinformatics/bty965, + author = {Parvandeh, Saeid and McKinney, Brett A}, + title = "{EpistasisRank and EpistasisKatz: interaction network centrality methods that integrate prior knowledge networks}", + journal = {Bioinformatics}, + volume = {35}, + number = {13}, + pages = {2329-2331}, + year = {2018}, + month = {11}, + abstract = "{An important challenge in gene expression analysis is to improve hub gene selection to enrich for biological relevance or improve classification accuracy for a given phenotype. In order to incorporate phenotypic context into co-expression, we recently developed an epistasis-expression network centrality method that blends the importance of gene–gene interactions (epistasis) and main effects of genes. Further blending of prior knowledge from functional interactions has the potential to enrich for relevant genes and stabilize classification.We develop two new expression-epistasis centrality methods that incorporate interaction prior knowledge. The first extends our SNPrank (EpistasisRank) method by incorporating a gene-wise prior knowledge vector. This prior knowledge vector informs the centrality algorithm of the inclination of a gene to be involved in interactions by incorporating functional interaction information from the Integrative Multi-species Prediction database. The second method extends Katz centrality to expression-epistasis networks (EpistasisKatz), extends the Katz bias to be a gene-wise vector of main effects and extends the Katz attenuation constant prefactor to be a prior-knowledge vector for interactions. Using independent microarray studies of major depressive disorder, we find that including prior knowledge in network centrality feature selection stabilizes the training classification and reduces over-fitting.Methods and examples provided at https://github.com/insilico/Rinbix and https://github.com/insilico/PriorKnowledgeEpistasisRank.Supplementary data are available at Bioinformatics online.}", + issn = {1367-4803}, + doi = {10.1093/bioinformatics/bty965}, + url = {https://doi.org/10.1093/bioinformatics/bty965}, + eprint = {https://academic.oup.com/bioinformatics/article-pdf/35/13/2329/36613945/bioinformatics\{\_}35\{\_}13\{\_}2329.pdf}, +} + +@article{li_combining_2019, + title = {Combining {OpenCL} and {MPI} to Support Heterogeneous Computing on a Cluster}, + issn = {9781450372275}, + doi = {10.1145/3332186.3333059}, + abstract = {This paper presents an implementation of a heterogeneous programming model which combines Open Computing Language (OpenCL) and Message Passing Interface (MPI). The model is applied to solving a Markov decision process (MDP) with value iteration method. The performance test is conducted on a high performance computing cluster. At peak performance, the model is able to achieve a 57X speedup over a serial implementation. For an extremely large input MDP, which has 1,000,000 states, the obtained speedup is still over 12X, showing that this heterogeneous programming model can solve MDPs more efficiently than the serial solver does.}, + journal = {ACM International Conference Proceeding Series}, + author = {Li, Ming and Hawrylak, Peter and Hale, John}, + year = {2019}, + keywords = {Heterogeneous computing, HPC, MDP, MPI, OpenCL, Parallelism}, + file = {Combining OpenCL and MPI to Support Heterogeneous Computing on a Cluster:/home/noah/Zotero/storage/TXHCQ5S8/Combining OpenCL and MPI to Support Heterogeneous Computing on a Cluster.pdf:application/pdf}, +} + +@mastersthesis{zeng_cyber_2017, + title = {Cyber {Attack} {Analysis} {Based} on {Markov} {Process} {Model}}, + author = {Zeng, Keming}, + school = "The University of Tulsa", + year = {2017}, + address = "Tulsa, OK", +} + +@misc{alaya2022mathematical, + title={Mathematical Analysis of a Delayed SEIRDS Epidemics Models: Deterministic and Stochastic Approach}, + author={Mohamed Ben Alaya and Walid Ben Aribi and Slimane Ben Miled}, + year={2022}, + note={arXiv:2208.07690}, + archivePrefix={arXiv}, + primaryClass={q-bio.PE} +} + +@article{NetworkX, + title = {Exploring Network Structure, Dynamics, and Function Using NetworkX}, + author = {Hagberg, Aric and Swart, Pieter J. and Schult, Daniel A.}, + doi = {}, + note = {{Available: https://www.osti.gov/biblio/960616}}, + journal = {}, + number = , + volume = , + place = {United States}, + year = {2008}, + month = {Jan} +} + +@Manual{igraph, + title = {{Igraph}: Network Analysis and Visualization in R}, + author = {Gábor Csárdi and Tamás Nepusz and Vincent Traag and + Szabolcs Horvát and Fabio Zanini and Daniel Noom and Kirill + Müller}, + year = {2023}, + note = {R package version 1.5.1}, + doi = {10.5281/zenodo.7682609}, + url = {https://CRAN.R-project.org/package=igraph}, +} + +@Manual{Graphviz, + title = {{Graphviz}: Graph Visualization}, + author = {The Graphviz Authors}, + year = {2023}, + note = {Graphviz release 8.1.0 [Online]. Available:https://www.graphviz.org/}, + doi = {10.1007/3-540-45848-4{\_}57}, + url = {https://www.graphviz.org/} +} + +@Manual{diffeqjl, + title = {{DifferentialEquations.jl: Efficient Differential Equation Solving in Julia}}, + author = {{Julia Programming Language}}, + year = {2023}, + note = {{DiffEq.jl v7.7.1}}, + url = {https://docs.sciml.ai/DiffEqDocs/latest/} +} + +@mastersthesis{RAGE, + title = {{RAGE}: {The} {Rage} {Attack} {Graph} {Engine}}, + author = {Cook, Kyle}, + school = {The {University} of {Tulsa}}, + year = {2018}, + file = {Kyle Cook Thesis:/home/noah/Zotero/storage/2SR28HM2/Kyle Cook Thesis.pdf:application/pdf}, +} + +@Manual{pracma, + title = {Pracma: Practical Numerical Math Functions}, + author = {Hans W. Borchers}, + year = {2022}, + note = {R package version 2.4.2}, + url = {https://CRAN.R-project.org/package=pracma}, +} + +@Manual{reticulate, + title = {Reticulate: Interface to 'Python'}, + author = {Kevin Ushey and JJ Allaire and Yuan Tang}, + year = {2023}, + note = {{R package version 1.28. Available: https://CRAN.R-project.org/package=reticulate}} +} + +@thesis{Kalavri2016PerformanceOT, + title={Performance Optimization Techniques and Tools for Distributed Graph Processing}, + author={Vasiliki Kalavri}, + school={{KTH Royal Institute of Technology, Sweden, and Université Catholique de Louvain, Belgium}}, + year={2016}, + type={{PhD}}, + url={https://api.semanticscholar.org/CorpusID:63506793} +} + +@article{10.14778/2947618.2947623, + author = {Kalavri, Vasiliki and Simas, Tiago and Logothetis, Dionysios}, + title = {The Shortest Path Is Not Always a Straight Line: Leveraging Semi-Metricity in Graph Analysis}, + year = {2016}, + issue_date = {May 2016}, + publisher = {VLDB Endowment}, + volume = {9}, + number = {9}, + issn = {2150-8097}, + url = {https://doi.org/10.14778/2947618.2947623}, + doi = {10.14778/2947618.2947623}, + journal = {Proc. VLDB Endow.}, + month = {may}, + pages = {672-683}, + numpages = {12} +} + +@inproceedings{10.1145/3229710.3229730, + author = {Kim, Jong Wook and Choi, Hyoeun and Bae, Seung-Hee}, + title = {Efficient Parallel All-Pairs Shortest Paths Algorithm for Complex Graph Analysis}, + year = {2018}, + isbn = {9781450365239}, + publisher = {Association for Computing Machinery}, + address = {New York, NY, USA}, + url = {https://doi.org/10.1145/3229710.3229730}, + doi = {10.1145/3229710.3229730}, + booktitle = {Workshop Proceedings of the 47th International Conference on Parallel Processing}, + articleno = {5}, + numpages = {10}, + keywords = {All-pairs shortest paths, Parallel Algorithms, Shared-memory parallelism}, + location = {Eugene, OR, USA}, + series = {ICPP Workshops '18} +} + +@article{Jha2002TwoFA, + title={Two Formal Analyses of Attack Graphs}, + author={Somesh Jha and Oleg Sheyner and Jeannette M. Wing}, + journal={Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15}, + year={2002}, + pages={49-63}, + url={https://api.semanticscholar.org/CorpusID:16108364} +} + +@article{Islam2008AHA36, + title={A Heuristic Approach to Minimum-Cost Network Hardening Using Attack Graph}, + author={Tania Islam and Lingyu Wang}, + journal={2008 New Technologies, Mobility and Security}, + year={2008}, + pages={1-5}, + url={https://api.semanticscholar.org/CorpusID:6625112} +} + +@article{10.1016/j.comcom.2006.06.01837, + author = {Wang, Lingyu and Noel, Steven and Jajodia, Sushil}, + title = {Minimum-Cost Network Hardening Using Attack Graphs}, + year = {2006}, + issue_date = {November, 2006}, + publisher = {Elsevier Science Publishers B. V.}, + address = {NLD}, + volume = {29}, + number = {18}, + issn = {0140-3664}, + url = {https://doi.org/10.1016/j.comcom.2006.06.018}, + doi = {10.1016/j.comcom.2006.06.018}, + journal = {Computer Communications}, + month = {nov}, + pages = {3812-3824}, + numpages = {13}, + keywords = {Intrusion detection, Vulnerability analysis, Intrusion prevention} +} + +@inproceedings{10.1109/IAS.2008.38, + author = {Chen, Feng and Wang, Lingyu and Su, Jinshu}, + title = {An Efficient Approach to Minimum-Cost Network Hardening Using Attack Graphs}, + year = {2008}, + isbn = {9780769533247}, + publisher = {IEEE Computer Society}, + address = {USA}, + url = {https://doi.org/10.1109/IAS.2008.38}, + doi = {10.1109/IAS.2008.38}, + abstract = {Attack graphs can reveal the threat of sophisticated multi-step attacks by enumerating possible sequences of exploits leading to the compromise of given critical resources. Finding a solution to remove such threats by hands is tedious and error prone, particularly for larger and poorly secured networks. Existing automated approaches for hardening a network has an exponential complexity and is not scalable to large networks. This paper proposes a novel approach of applying the Reduced Ordered Binary Decision Diagram (ROBDD) method to network hardening. Existing mature optimization techniques in ROBDD makes the proposed approach an efficient solution that can potentially be applied to large networks.}, + booktitle = {Proceedings of the 2008 The Fourth International Conference on Information Assurance and Security}, + pages = {209-212}, + numpages = {4}, + keywords = {Attack Graphs, Minimum-Cost, network securty, vulnerability}, + series = {IAS '08} +} + +@article{JUNCHUN20113227, + title = {A Minimum Cost of Network Hardening Model Based on Attack Graphs}, + journal = {Procedia Engineering}, + volume = {15}, + pages = {3227-3233}, + year = {2011}, + note = {CEIS 2011}, + issn = {1877-7058}, + doi = {https://doi.org/10.1016/j.proeng.2011.08.606}, + url = {https://www.sciencedirect.com/science/article/pii/S1877705811021072}, + author = {MA Jun-chun and WANG Yong-jun and SUN Ji-yin and CHEN Shan}, + keywords = {network security, attack graphs, bidirectional-based search, genetic algorithms, minimum-cost}, +} + +@article{0.1117/12.60424, + author = {Liu, Yu and Man, Hong}, + year = {2005}, + month = {03}, + pages = {}, + title = {Network Vulnerability Assessment Using Bayesian Networks}, + journal = {Proc SPIE}, + doi = {10.1117/12.604240} +} + +@inproceedings{10.1145/1456362.1456368, + author = {Frigault, Marcel and Wang, Lingyu and Singhal, Anoop and Jajodia, Sushil}, + year = {2008}, + month = {10}, + pages = {23-30}, + title = {Measuring Network Security Using Dynamic Bayesian Network}, + doi = {10.1145/1456362.1456368} +} + +@article{10.1145/3105760, + author = {Mu\~{n}oz-Gonz\'{a}lez, Luis and Sgandurra, Daniele and Paudice, Andrea and Lupu, Emil C.}, + title = {Efficient Attack Graph Analysis Through Approximate Inference}, + year = {2017}, + issue_date = {August 2017}, + publisher = {Association for Computing Machinery}, + address = {New York, NY, USA}, + volume = {20}, + number = {3}, + issn = {2471-2566}, + url = {https://doi.org/10.1145/3105760}, + doi = {10.1145/3105760}, + journal = {ACM Trans. Priv. Secur.}, + month = {Jul}, + articleno = {10}, + numpages = {30}, + keywords = {Bayesian networks, approximate inference, probabilistic graphical models} +} + +@article{10.1155/2017/3407642, + author = {{Hu, Hao and Zhang, Hongqi and Liu, Yuling and Wang, Yongwei and Du, Xiaojiang}}, + title = {{Quantitative Method for Network Security Situation Based on Attack Prediction}}, + year = {2017}, + issue_date = {2017}, + publisher = {{John Wiley \& Sons, Inc.}}, + address = {USA}, + volume = {2017}, + issn = {1939-0114}, + url = {https://doi.org/10.1155/2017/3407642}, + doi = {10.1155/2017/3407642}, + journal = {Security and Communications Networks}, + month = {jan}, + numpages = {19} +} + +@article{Abraham2014CyberSA, + title={Cyber Security Analytics: A Stochastic Model for Security Quantification Using Absorbing Markov Chains}, + author={Subil Abraham and Suku Nair}, + journal={Journal of Communications}, + year={2014}, + url={https://api.semanticscholar.org/CorpusID:8554925} +} + +@misc{abraham2015predictive, + title={A Predictive Framework for Cyber Security Analytics Using Attack Graphs}, + author={Subil Abraham and Suku Nair}, + year={2015}, + eprint={1502.01240}, + archivePrefix={arXiv}, + primaryClass={cs.CR} +} + +@article{Durkota2019HardeningNA, + title={Hardening Networks Against Strategic Attackers Using Attack Graph Games}, + author={Karel Durkota and V. Lis{\'y} and Branislav Bosansk{\'y} and Christopher Kiekintveld and Michal Pechoucek}, + journal={Computer Security}, + year={2019}, + volume={87}, + url={https://api.semanticscholar.org/CorpusID:201134692} +} + +@article{10.1145/3418897, + author = {Hu, Zhisheng and Zhu, Minghui and Liu, Peng}, + title = {Adaptive Cyber Defense Against Multi-Stage Attacks Using Learning-Based POMDP}, + year = {2020}, + issue_date = {February 2021}, + publisher = {Association for Computing Machinery}, + address = {New York, NY, USA}, + volume = {24}, + number = {1}, + issn = {2471-2566}, + url = {https://doi.org/10.1145/3418897}, + doi = {10.1145/3418897}, + journal = {ACM Transactions on Privacy and Security}, + month = {nov}, + articleno = {6}, + numpages = {25}, + keywords = {adaptive cyber defense, Thompson sampling, Reinforcement learning} +} + +@article{Miehling2018APA, + title={A POMDP Approach to the Dynamic Defense of Large-Scale Cyber Networks}, + author={Erik Miehling and Mohammad Reza Rasouli and Demosthenis Teneketzis}, + journal={IEEE Transactions on Information Forensics and Security}, + year={2018}, + volume={13}, + pages={2490-2505}, + url={https://api.semanticscholar.org/CorpusID:13705714} +} + +@article{Nguyen2017AnAT, + title={An Approach to Incorporating Uncertainty in Network Security Analysis}, + author={Hoang Hai Nguyen and Kartik Palani and David M. Nicol}, + journal={Proceedings of the Hot Topics in Science of Security: Symposium and Bootcamp}, + year={2017}, + url={https://api.semanticscholar.org/CorpusID:16666067} +} + +@Inbook{Wang2017, + author="Wang, Lingyu + and Jajodia, Sushil + and Singhal, Anoop + and Cheng, Pengsu + and Noel, Steven", + title="k-Zero Day Safety: Evaluating the Resilience of Networks Against Unknown Attacks", + bookTitle="Network Security Metrics", + year="2017", + publisher="Springer International Publishing", + address="Cham", + pages="75--93", + isbn="978-3-319-66505-4", + doi="10.1007/978-3-319-66505-4{\_}4", + url="https://doi.org/10.1007/978-3-319-66505-4{\_}4" +} + +@InProceedings{10.1007/978-3-030-64793-3_24, + author="Anwar, Ahmed H. + and Kamhoua, Charles", + editor="Zhu, Quanyan + and Baras, John S. + and Poovendran, Radha + and Chen, Juntao", + title="Game Theory on Attack Graph for Cyber Deception", + booktitle="Decision and Game Theory for Security", + year="2020", + publisher="Springer International Publishing", + address="Cham", + pages="445--456", + abstract="Game Theory provides a set of tools and a framework suitable to study security problems. In this paper, a class of games is developed to study cyber deception and the interactions between the network defender who is deceiving an adversary to mitigate the damage of the attack. In order to capture network topology, each game is played over an attack graph that can be generated according to the vulnerabilities associated with each node. The defender's goal is to take deceptive actions to prevent the attacker from taking control over the network resources exploiting the incomplete information of the attacker regarding the deceptive network gained through the attack reconnaissance stage. To this end, we present several games such as normal form static, dynamic, hypergame, and a partially observable stochastic game (POSG) to study the game dynamics at different information structures. For the most general class of games, (i.e., POSG), we provide multiple solution approaches to overcome the intractability of the game model and finally present numerical result samples to show the effectiveness of each solution approach.", + isbn="978-3-030-64793-3" +} + +@INBOOK{9124037, + author={Xi, Bowei and Kamhoua, Charles A.}, + booktitle={Modeling and Design of Secure Internet of Things}, + title={A Hypergame-Based Defense Strategy Toward Cyber Deception in Internet of Battlefield Things (IoBT)}, + year={2020}, + volume={}, + number={}, + pages={59-77}, + doi={10.1002/9781119593386.ch3} +} + +@InProceedings{10.1007/978-3-030-64793-3_9, + author="Kulkarni, Abhishek N. + and Fu, Jie + and Luo, Huan + and Kamhoua, Charles A. + and Leslie, Nandi O.", + editor="Zhu, Quanyan + and Baras, John S. + and Poovendran, Radha + and Chen, Juntao", + title="Decoy Allocation Games on Graphs with Temporal Logic Objectives", + booktitle="Decision and Game Theory for Security", + year="2020", + publisher="Springer International Publishing", + address="Cham", + pages="168--187", + isbn="978-3-030-64793-3" +} + +@conference{1503283, + title = {Security Scheduling for Real-World Networks }, + booktitle = {International Conference on Autonomous Agents and Multiagent Systems (AAMAS)}, + year = {2013}, + author = {Jain, Manish and Vincent Conitzer and Tambe, Milind} +} + +@article{HORAK2019101579, + title = {Optimizing Honeypot Strategies Against Dynamic Lateral Movement Using Partially Observable Stochastic Games}, + journal = {Computers \& Security}, + volume = {87}, + pages = {101579}, + year = {2019}, + issn = {0167-4048}, + doi = {https://doi.org/10.1016/j.cose.2019.101579}, + url = {https://www.sciencedirect.com/science/article/pii/S0167404819300665}, + author = {Karel Horák and Branislav Bošanský and Petr Tomášek and Christopher Kiekintveld and Charles Kamhoua}, + keywords = {Dynamic honeypot allocation, Lateral movement, Partially observable stochastic games, Compact representation, Incremental strategy generation} +} + +@article{10.1080/23311916.2018.1502242, + author = {Gunantara, Nyoman}, + year = {2018}, + month = {07}, + pages = {}, + title = {A Review of Multi-Objective Optimization: Methods and Its Applications}, + volume = {5}, + journal = {Cogent Engineering}, + doi = {10.1080/23311916.2018.1502242} +} + +@Inbook{Awange2023, + author="Awange, Joseph L. + and Pal{\'a}ncz, B{\'e}la + and Lewis, Robert H. + and V{\"o}lgyesi, Lajos", + title="Multiobjective Optimization", + bookTitle="Mathematical Geosciences: Hybrid Symbolic-Numeric Methods", + year="2023", + publisher="Springer International Publishing", + address="Cham", + pages="319--352", + isbn="978-3-030-92495-9", + doi="10.1007/978-3-030-92495-9{\_}9", + url="https://doi.org/10.1007/978-3-030-92495-9{\_}9" +} + +@article{MIRJALILI2015228, + title = {Moth-Flame Optimization Algorithm: A Novel Nature-Inspired Heuristic Paradigm}, + journal = {Knowledge-Based Systems}, + volume = {89}, + pages = {228-249}, + year = {2015}, + issn = {0950-7051}, + doi = {https://doi.org/10.1016/j.knosys.2015.07.006}, + url = {https://www.sciencedirect.com/science/article/pii/S0950705115002580}, + author = {Seyedali Mirjalili}, + keywords = {Optimization, Stochastic optimization, Constrained optimization, Meta-heuristic, Population-based algorithm} +} + +@INPROCEEDINGS{7732428, + author={Vikas and Nanda, Satyasai Jagannath}, + booktitle={2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI)}, + title={Multi-Objective Moth Flame Optimization}, + year={2016}, + volume={}, + number={}, + pages={2470-2476}, + doi={10.1109/ICACCI.2016.7732428} +} + +@INPROCEEDINGS{9563556, + author={Bingi, Kishore and Kulkarni, Rakshit Raghavendra and Mantri, Rhea}, + booktitle={2021 IEEE Madras Section Conference (MASCON)}, + title={Development of Hybrid Algorithm Using Moth-Flame and Particle Swarm Optimization}, + year={2021}, + volume={}, + number={}, + pages={1-6}, + doi={10.1109/MASCON51689.2021.9563556} +} + +@article{Sharifi2021ANO, + title={A New Optimization Algorithm to Solve Multi-Objective Problems}, + author={Mohammad Reza Sharifi and Saeid Akbarifard and Kourosh Qaderi and Mohamad Reza Madadi}, + journal={Scientific Reports}, + year={2021}, + volume={11}, + url={https://api.semanticscholar.org/CorpusID:238860219} +} + +@book{10.1007/978-3-540-24777-7, + author = {Kellerer, Hans and Pferschy, Ulrich and Pisinger, David}, + year = {2004}, + month = {Jan.}, + pages = {}, + title = {Knapsack Problems}, + isbn = {978-3-540-40286-2}, + journal = {Knapsack Problems}, + doi = {10.1007/978-3-540-24777-7}, + publisher = {Springer Berlin, Heidelberg}, +} + +@INPROCEEDINGS{8204118, + author={Gupta, Indresh Kumar and Choubey, Abha and Choubey, Siddhartha}, + booktitle={2017 8th International Conference on Computing, Communication and Networking Technologies (ICCCNT)}, + title={Clustered Genetic Algorithm to Solve Multidimensional Knapsack Problem}, + year={2017}, + volume={}, + number={}, + pages={1-6}, + doi={10.1109/ICCCNT.2017.8204118} +} + +@ARTICLE{9142411, + author={Li, Zuocheng and Tang, Lixin and Liu, Jiyin}, + journal={IEEE Transactions on Cybernetics}, + title={A Memetic Algorithm Based on Probability Learning for Solving the Multidimensional Knapsack Problem}, + year={2022}, + volume={52}, + number={4}, + pages={2284-2299}, + doi={10.1109/TCYB.2020.3002495} +} + +@INPROCEEDINGS{9308380, + author={Gu, Hanyu}, + booktitle={2020 IEEE Symposium Series on Computational Intelligence (SSCI)}, + title={Optimal Lagrangian Multipliers for the Multidimensional Knapsack Problem: A Bayesian Optimisation Approach}, + year={2020}, + volume={}, + number={}, + pages={3149-3155}, + doi={10.1109/SSCI47803.2020.9308380} +} + +@INPROCEEDINGS{5455187, + author={Shan, Bowei}, + booktitle={2009 First International Conference on Information Science and Engineering}, + title={The Spread of Malware on the WiFi Network: Epidemiology Model and Behaviour Evaluation}, + year={2009}, + volume={}, + number={}, + pages={1916-1918}, + doi={10.1109/ICISE.2009.1285} +} + +@INPROCEEDINGS{8228672, + author={Mitchell, Robert}, + booktitle={2017 IEEE Conference on Communications and Network Security (CNS)}, + title={Epidemic-Resistant Configurations for Intrusion Detection Systems}, + year={2017}, + volume={}, + number={}, + pages={487-494}, + doi={10.1109/CNS.2017.8228672} +} + +@ARTICLE{6414589, + author={Kim, Hyoungshick and Anderson, Ross}, + journal={IEEE Systems Journal}, + title={An Experimental Evaluation of Robustness of Networks}, + year={2013}, + volume={7}, + number={2}, + pages={179-188}, + doi={10.1109/JSYST.2012.2221851} +} + +@INPROCEEDINGS{9450250, + author={Wang, Yingxu and Plataniotis, Kostas N. and Wang, Jane Z. and Hou, Ming and Zhou, Menchu and Howard, Newton and Peng, Jun and Huang, Runhe and Patel, Shushma and Zhang, Du}, + booktitle={2020 IEEE 19th International Conference on Cognitive Informatics \& Cognitive Computing (ICCI*CC)}, + title={The Cognitive and Mathematical Foundations of Analytic Epidemiology}, + year={2020}, + volume={}, + number={}, + pages={6-14}, + doi={10.1109/ICCICC50026.2020.9450250} +} + +@INPROCEEDINGS{9457692, + author={Parwez, Md. Aslam and Abulaish, Muhammad and Jahiruddin, Jahiruddin}, + booktitle={2020 IEEE/WIC/ACM International Joint Conference on Web Intelligence and Intelligent Agent Technology (WI-IAT)}, + title={A Social Media Time-Series Data Analytics Approach for Digital Epidemiology}, + year={2020}, + volume={}, + number={}, + pages={852-859}, + doi={10.1109/WIIAT50758.2020.00131} +} + +@misc{j_hale_compliance_nodate, + title = {Compliance {Method} for a {Cyber}-{Physical} {System}}, + author = {{J. Hale} and Hawrylak, P. and Papa, M.}, + note = {U.S. Patent Number 9,471,789, Oct. 18, 2016.}, + number = {9471789}, + file = {Complaince{\_}Graph{\_}US{\_}Patent{\_}9471789:/home/noah/Zotero/storage/55BZN4U7/Complaince{\_}Graph{\_}US{\_}Patent{\_}9471789.pdf:application/pdf}, +} + +@inproceedings{baloyi_guidelines_2019, + address = {Skukuza South Africa}, + title = {Guidelines for {Data} {Privacy} {Compliance}: {A} {Focus} on {Cyberphysical} {Systems} and {Internet} of {Things}}, + doi = {10.1145/3351108.3351143}, + booktitle = {{SAICSIT} '19: {Proceedings} of the {South} {African} {Institute} of {Computer} {Scientists} and {Information} {Technologists} 2019}, + publisher = {Association for Computing Machinery}, + author = {Baloyi, Ntsako and Kotzé, Paula}, + year = {2019}, +} + +@article{allman_complying_2006, + title = {Complying With {Compliance}: {Blowing} It Off Is Not an Option.}, + volume = {4}, + number = {7}, + journal = {ACM Queue}, + author = {Allman, Eric}, + year = {2006}, +} + +@ARTICLE{9914620, + author={Ahn, Sujin and Kwon, Minhae}, + journal={IEEE Journal of Biomedical and Health Informatics}, + title={Reproduction Factor Based Latent Epidemic Model Inference: A Data-Driven Approach Using COVID-19 Datasets}, + year={2023}, + volume={27}, + number={3}, + pages={1259-1270}, + doi={10.1109/JBHI.2022.3213175} +} + +@INPROCEEDINGS{9929470, + author={Roy, Tamal Joyti and Mahmood, Md. Ashiq and Mohanta, Aninda and Roy, Diti}, + booktitle={2021 IEEE International Conference on Robotics, Automation, Artificial-Intelligence and Internet-of-Things (RAAICON)}, + title={An Analytical Approach to Predict the COVID-19 Death Rate in Bangladesh Utilizing Multiple Regression and SEIR Model}, + year={2021}, + volume={}, + number={}, + pages={42-45}, + doi={10.1109/RAAICON54709.2021.9929470} +} + +@INPROCEEDINGS{9628991, + author={Chumachenko, Dmytro and Bazilevych, Kseniia and Meniailov, Ievgen and Yakovlev, Sergiy and Chumachenko, Tetyana}, + booktitle={2021 IEEE 4th International Conference on Advanced Information and Communication Technologies (AICT)}, + title={Simulation of COVID-19 Dynamics Using Ridge Regression}, + year={2021}, + volume={}, + number={}, + pages={163-166}, + doi={10.1109/AICT52120.2021.9628991} +} + +@INPROCEEDINGS{9630798, + author={Zhang, Siqi and Yang, Hui}, + booktitle={2021 43rd Annual International Conference of the IEEE Engineering in Medicine \& Biology Society (EMBC)}, + title={Spatial Modeling and Analysis of Human Traffic and Infectious Virus Spread in Community Networks}, + year={2021}, + volume={}, + number={}, + pages={2286-2289}, + doi={10.1109/EMBC46164.2021.9630798} +} + +@INPROCEEDINGS{9678822, + author={Dakhno, Natalia and Leshchenko, Olga and Kravchenko, Yurii and Dudnik, Andriy and Trush, Olexandr and Khankishiev, Victor}, + booktitle={2021 IEEE 3rd International Conference on Advanced Trends in Information Theory (ATIT)}, + title={Dynamic Model of the Spread of Viruses in a Computer Network Using Differential Equations}, + year={2021}, + volume={}, + number={}, + pages={111-115}, + doi={10.1109/ATIT54053.2021.9678822} +} + +@INPROCEEDINGS{10227113, + author={Tang, Yuyang and Williams, Richard A.}, + booktitle={2022 IEEE International Symposium on Technology and Society (ISTAS)}, + title={Investigating Relationship Conflict Within the Social Network of Large IS Projects Using a SIR Model}, + year={2022}, + volume={1}, + number={}, + pages={1-5}, + doi={10.1109/ISTAS55053.2022.10227113} +} + +@INPROCEEDINGS{9856356, + author={Mathebula, Dephney}, + booktitle={2022 International Conference on Artificial Intelligence, Big Data, Computing and Data Communication Systems (icABCD)}, + title={Novel Data-Based Model for Future Epidemiology}, + year={2022}, + volume={}, + number={}, + pages={1-6}, + doi={10.1109/icABCD54961.2022.9856356} +} + +@INPROCEEDINGS{9593147, + author={Fedorov, Dmitriy and Tabarak, Yrys and Dadlani, Aresh and Kumar, Muthukrishnan Senthil and Kizheppatt, Vipin}, + booktitle={2021 International Balkan Conference on Communications and Networking (BalkanCom)}, + title={Dynamics of Multi-Strain Malware Epidemics Over Duty-Cycled Wireless Sensor Networks}, + year={2021}, + volume={}, + number={}, + pages={1-5}, + doi={10.1109/BalkanCom53780.2021.9593147} +} + +@Article{Lou2021, + author={Lou, Yuan + and Salako, Rachidi B.}, + title={Control Strategies for a Multi-Strain Epidemic Model}, + journal={Bulletin of Mathematical Biology}, + year={2021}, + month={Nov}, + day={27}, + volume={84}, + number={1}, + pages={10}, + issn={1522-9602}, + doi={10.1007/s11538-021-00957-6}, + url={https://doi.org/10.1007/s11538-021-00957-6} +} + +@article{10.1371/journal.pone.0257512, + doi = {10.1371/journal.pone.0257512}, + author = {Arruda, Edilson F. AND Das, Shyam S. AND Dias, Claudia M. AND Pastore, Dayse H.}, + journal = {Plos One}, + publisher = {Public Library of Science}, + title = {Modelling and Optimal Control of Multi Strain Epidemics, With Application to COVID-19}, + year = {2021}, + month = {09}, + volume = {16}, + url = {https://doi.org/10.1371/journal.pone.0257512}, + pages = {1-18}, + number = {9}, +} + +@inproceedings{GCAI-2018:Analysis_of_Attack_Graph, + author = {Tom Gonda and Tal Pascal and Rami Puzis and Guy Shani and Bracha Shapira}, + title = {Analysis of Attack Graph Representations for Ranking Vulnerability Fixes}, + booktitle = {GCAI-2018. 4th Global Conference on Artificial Intelligence}, + editor = {Daniel Lee and Alexander Steen and Toby Walsh}, + series = {EPiC Series in Computing}, + volume = {55}, + pages = {215--228}, + year = {2018}, + publisher = {EasyChair}, + bibsource = {EasyChair, https://easychair.org}, + issn = {2398-7340}, + url = {https://easychair.org/publications/paper/ZBHj}, + doi = {10.29007/2c1q} +} + +@article{10.1371/journal.pone.0053095, + doi = {10.1371/journal.pone.0053095}, + author = {Piraveenan, Mahendra AND Prokopenko, Mikhail AND Hossain, Liaquat}, + journal = {Plos One}, + publisher = {Public Library of Science}, + title = {Percolation Centrality: Quantifying Graph-Theoretic Impact of Nodes During Percolation in Networks}, + year = {2013}, + month = {01}, + volume = {8}, + url = {https://doi.org/10.1371/journal.pone.0053095}, + pages = {1-14}, + number = {1}, +} + +@inproceedings{10.1145/3288599.3295597, + author = {De, Sanghamitra and Barik, Mridul Sankar and Banerjee, Indrajit}, + title = {A Percolation-Based Recovery Mechanism for Bot Infected P2P Cloud}, + year = {2019}, + isbn = {9781450360944}, + publisher = {Association for Computing Machinery}, + address = {New York, NY, USA}, + url = {https://doi-org.utulsa.idm.oclc.org/10.1145/3288599.3295597}, + doi = {10.1145/3288599.3295597}, + abstract = {Execution of any recovery procedure in compromised nodes of a Cloud should aim at covering as many nodes as possible in a given time. The authors propose an innovative approach using the concept of percolation centrality to spread the execution of a recovery procedure across adjacent nodes in a P2PCloud. Compromised networks can be large since botnets and malware infections use the advantage of the internet to spread rapidly. Using percolation centrality to choose a node from where to begin, the recovery procedure runs in parallel in different nodes which can be reached from a chosen node and spreads fast.}, + booktitle = {Proceedings of the 20th International Conference on Distributed Computing and Networking}, + pages = {474-479}, + numpages = {6}, + keywords = {churning, botnet, P2PCloud, P2P network, percolation centrality}, + location = {Bangalore, India}, + series = {ICDCN '19} +} + +@INPROCEEDINGS{9680376, + author={Chandramouli, Athreya and Jana, Sayantan and Kothapalli, Kishore}, + booktitle={2021 IEEE 28th International Conference on High Performance Computing, Data, and Analytics (HiPC)}, + title={Efficient Parallel Algorithms for Computing Percolation Centrality}, + year={2021}, + volume={}, + number={}, + pages={111-120}, + doi={10.1109/HiPC53243.2021.00025} +} + +@article{AUDRITO2021102584, +title = {Aggregate Centrality Measures for IoT-based Coordination}, +journal = {Science of Computer Programming}, +volume = {203}, +pages = {102584}, +year = {2021}, +issn = {0167-6423}, +doi = {https://doi.org/10.1016/j.scico.2020.102584}, +url = {https://www.sciencedirect.com/science/article/pii/S0167642320301921}, +author = {Giorgio Audrito and Danilo Pianini and Ferruccio Damiani and Mirko Viroli} +} + +@article{MO2019121538, +title = {Identifying Node Importance Based on Evidence Theory in Complex Networks}, +journal = {Physica A: Statistical Mechanics and Its Applications}, +volume = {529}, +pages = {121538}, +year = {2019}, +issn = {0378-4371}, +doi = {https://doi.org/10.1016/j.physa.2019.121538}, +url = {https://www.sciencedirect.com/science/article/pii/S0378437119309021}, +author = {Hongming Mo and Yong Deng}, +keywords = {Complex networks, Important nodes, Evidence theory, Multi-evidence centrality, Comprehensive measure}, +} + +@article{LI2018512, +title = {Identification of Influential Spreaders Based on Classified Neighbors in Real-World Complex Networks}, +journal = {Applied Mathematics and Computation}, +volume = {320}, +pages = {512-523}, +year = {2018}, +issn = {0096-3003}, +doi = {https://doi.org/10.1016/j.amc.2017.10.001}, +url = {https://www.sciencedirect.com/science/article/pii/S0096300317306884}, +author = {Chao Li and Li Wang and Shiwen Sun and Chengyi Xia}, +keywords = {Influential spreaders, Identification algorithms, Classified neighbors, Complex networks}, +} + +@article{brandes, +author = {Ulrik Brandes}, +title = {A Faster Algorithm for Betweenness Centrality* }, +journal = {The Journal of Mathematical Sociology}, +volume = {25}, +number = {2}, +pages = {163-177}, +year = {2001}, +publisher = {Routledge}, +doi = {10.1080/0022250X.2001.9990249}, + + +URL = { + + https://doi.org/10.1080/0022250X.2001.9990249 + + + +}, +eprint = { + + https://doi.org/10.1080/0022250X.2001.9990249 + + + +} + +} + +@misc{stankovic2023fourier, + title={Fourier Analysis of Signals on Directed Acyclic Graphs (DAG) Using Graph Zero-Padding}, + author={Ljubisa Stankovic and Milos Dakovic and Ali Bagheri Bardi and Milos Brajovic and Isidora Stankovic}, + year={2023}, + note={arXiv:2311.01073}, + archivePrefix={arXiv}, + primaryClass={cs.IT} +} + +@misc{seifert2023causal, + title={Causal Fourier Analysis on Directed Acyclic Graphs and Posets}, + author={Bastian Seifert and Chris Wendler and Markus Püschel}, + year={2023}, + note={arXiv:2209.07970}, + archivePrefix={arXiv}, + primaryClass={eess.SP} +} + +@BOOK{laug, + AUTHOR = {Anderson, E. and Bai, Z. and Bischof, C. and + Blackford, S. and Demmel, J. and Dongarra, J. and + Du Croz, J. and Greenbaum, A. and Hammarling, S. and + McKenney, A. and Sorensen, D.}, + title = {{LAPACK} Users' Guide}, + EDITION = {3rd}, + PUBLISHER = {Society for Industrial and Applied Mathematics}, + YEAR = {1999}, + ADDRESS = {Philadelphia, PA}, + ISBN = {0-89871-447-8 (paperback)} } + +@article{MACEDO2016999, +title = {Gaussian Elimination Is Not Optimal, Revisited}, +journal = {Journal of Logical and Algebraic Methods in Programming}, +volume = {85}, +number = {5, Part 2}, +pages = {999-1010}, +year = {2016}, +issn = {2352-2208}, +doi = {https://doi.org/10.1016/j.jlamp.2016.06.003}, +url = {https://www.sciencedirect.com/science/article/pii/S2352220816300529}, +author = {Hugo Daniel Macedo}, +} + +@misc{williams2023new, + title={New Bounds for Matrix Multiplication: From Alpha to Omega}, + author={Virginia Vassilevska Williams and Yinzhan Xu and Zixuan Xu and Renfei Zhou}, + year={2023}, + eprint={2307.07970}, + archivePrefix={arXiv}, + primaryClass={cs.DS} +} + +@misc{alman2020refined, + title={A Refined Laser Method and Faster Matrix Multiplication}, + author={Josh Alman and Virginia Vassilevska Williams}, + year={2020}, + eprint={2010.05846}, + archivePrefix={arXiv}, + primaryClass={cs.DS} +} + +@article{bordacent, +author = {Madotto, Andrea and Liu, Jiming}, +year = {2016}, +month = {Dec.}, +pages = {}, +title = {Super-Spreader Identification Using Meta-Centrality}, +volume = {6}, +journal = {Scientific Reports}, +doi = {10.1038/srep38994} +} + +@article{6023c4f8-ecc1-3dbe-9f88-265b318523d2, + ISSN = {00115266}, + URL = {http://www.jstor.org/stable/20026529}, + author = {John G. Kemeny}, + journal = {Daedalus}, + number = {4}, + pages = {577--591}, + publisher = {The MIT Press}, + title = {Mathematics Without Numbers}, + urldate = {2024-03-01}, + volume = {88}, + year = {1959} +} + +@article{doi:10.1137/0135023, +author = {Young, H. P. and Levenglick, A.}, +title = {A Consistent Extension of Condorcet’s Election Principle}, +journal = {SIAM Journal on Applied Mathematics}, +volume = {35}, +number = {2}, +pages = {285-300}, +year = {1978}, +doi = {10.1137/0135023}, + +URL = { + + https://doi.org/10.1137/0135023 + + + +}, +eprint = { + + https://doi.org/10.1137/0135023 + + + +} +, +} + +@misc{OSHA, + author = {{Occupational Safety and Health Administration}}, + title = {{Standard} 1910 {Subpart} {H} {Hazardous} {Materials}}, + year = {{Last Amended 2024 via Code of Federal Regulations Title 29}} +} + + +@onlne{AutoInd, + author = {{International Trade Administration, U.S. Department of Commerce}}, + title = {{Automotive Industry}}, + year = {August 2021}, + note = {{[Online]. Available: https://www.trade.gov/selectusa-automotive-industry}}, + urldate = {2023-11-07} +} + +@onlne{AutoIndFS, + author = {{International Trade Administration, U.S. Department of Commerce}}, + title = {{Foreign Direct Investment (FDI): Automotive}}, + year = {August 2021}, + note = {{[Online]. Available: https://www.trade.gov/sites/default/files/2021-09/Automotive{\%}20-{\%}20FINAL.pdf}}, + urldate = {2023-11-07} +} + +@online{BEAFS, + author = {{U.S. Bureau of Economic Analysis}}, + title = {{Industry Factsheet: Transportation and Warehousing}}, + year = {2023}, + note = {{[Online]. Available: https://apps.bea.gov/industry/factsheet/factsheet.html\#48TW}}, + urldate = {2024-02-25} +} + +@online{BEATables, + author = {{U.S. Bureau of Economic Analysis}}, + title = {{Value Added by Industry}}, + year = {2023-12-21}, + urldate = {2024-02-25} +} + +@online{BEATablesOutput, + author = {{U.S. Bureau of Economic Analysis}}, + title = {{Gross Output by Industry}}, + year = {2023-12-21}, + urldate = {2024-02-25} +} + +@online{GMInsight, + author = {{Singh, A, and Singh, S.}}, + title = {{Automotive Repair and Maintenance Service Market Size}}, + year = {Feb. 2024}, + note = {{[Online]. Available: https://www.gminsights.com/industry-analysis/automotive-repair-maintenance-services-market}}, + urldate = {2024-02-25} +} + +@online{Corolla, + author = {{Toyota Motor Sales, U.S.A., Inc.}}, + title = {{Downloadable Manuals}}, + note = {{[Online]. Available: https://www.toyota.com/owners/warranty-owners-manuals/}}, + urldate = {2024-02-25} +} + +@online{carDOE, + author = {{U.S. Department of Energy}}, + title = {{Alternative Fuels Data Center}}, + note = {{[Online]. Available: https://afdc.energy.gov/data/categories/driving-patterns}}, + urldate = {2024-02-25} +} + +@online{carDOT, + author = {{National Transportation Statistics Datasets}}, + title = {{United States Department of Transportation Bureau of Transportation Statistics}}, + note = {{[Online]. Available: https://www.bts.gov/product/national-transportation-statistics}}, + urldate = {2024-02-25} +} + +@online{carFWHA, + author = {{U.S. Department of Transportation Federal Highway Administration}}, + title = {{Highway Statistics Series}}, + note = {{[Online]. Available: https://www.fhwa.dot.gov/policyinformation/statistics.cfm}}, + urldate = {2024-02-25} +} + +@online{carCR, + author = {{Preston, B.}}, + title = {{Car Brands and Models That Can Save You Money Over Time}}, + year = {2023-04-02}, + note = {{[Online]. Available: https://www.consumerreports.org/cars/car-repair-maintenance/car-brands-and-models-that-can-save-you-money-over-time-a9081677414}}, + urldate = {2024-02-25} +} + +@online{carAAA, + author = {{AAA}}, + title = {{Planning for Auto Maintenance and Repair Costs}}, + note = {{[Online]. Available: https://www.aaa.com/autorepair/articles/planning-for-auto-maintenance-and-repair-costs (visited on Feb. 25, 2024.)}} +} + +@online{carFarmers, + author = {{Farmers Insurance}}, + title = {{Auto Service and Repair Shop Insurance}}, + note = {{[Online]. Available: https://www.farmers.com/business/industry/auto-service-repair/ (visited on Feb. 25, 2024.)}} +} + +@online{carext, + author = {{AAA}}, + title = {{Your Driving Costs}}, + note = {{[Online]. Available: https://newsroom.aaa.com/wp-content/uploads/2020/12/Your-Driving-Costs-2020-Fact-Sheet-FINAL-12-9-20-2.pdf}}, + year = {2020-12-09}, + urldate = {2024-02-25} +} + +@online{CMS, + author = {{Centers for Medicare \& Medicaid Services}}, + title = {{NHE Fact Sheet}}, + year = {2022}, + note = {{[Online]. Available: https://www.cms.gov/data-research/statistics-trends-and-reports/national-health-expenditure-data/nhe-fact-sheet}}, + urldate = {2024-02-25} +} + +@online{WB, + author = {{The World Bank}}, + title = {{Current Health Expenditure (\% of GDP)}}, + year = {2023-04-07}, + note = {{[Online]. Available: https://data.worldbank.org/indicator/SH.XPD.CHEX.GD.ZS?name{\_}desc=true{\&}locations=US}}, + urldate = {2024-02-25} +} + +@online{OECD, + author = {{Organisation for Economic Co-operation and Development}}, + title = {{OECD Health Statistics 2023}}, + year = {2023}, + note = {{[Online]. Available: https://www.oecd.org/health/health-data.htm}}, + urldate = {2024-02-25} +} + +@online{CDC, + author = {{Centers for Disease Control and Preventation}}, + title = {{Health Expenditures}}, + year = {2019}, + note = {{[Online]. Available: https://www.cdc.gov/nchs/fastats/health-expenditures.htm}}, + urldate = {2024-02-25} +} + +@online{NCSES, + author = {{National Center for Science and Engineering Statistics}}, + title = {{R\&D; Most Pharmaceutical R\&D Focused on Biotechnology}}, + year = {2018}, + note = {{[Online]. Available: https://ncses.nsf.gov/pubs/nsf21316}}, + urldate = {2024-02-25} +} + +@online{DefHC, + author = {{Definitive Healthcare}}, + title = {{Healthcare Insights}}, + year = {2023-08-22}, + note = {{[Online]. Available: https://www.definitivehc.com/resources/healthcare-insights/urgent-care-clinics-us}}, + urldate = {2024-02-25} +} + +@online{AHA, + author = {{American Hospital Association}}, + title = {{Fast Facts on U.S. Hospitals, 2024}}, + year = {2024}, + note = {{[Online]. Available: https://www.aha.org/statistics/fast-facts-us-hospitals}}, + urldate = {2024-02-25} +} + +@online{AAMC, + author = {{Association of American Medical Colleges}}, + title = {{Workforce Data}}, + year = {2019}, + note = {{[Online]. Available: https://www.aamc.org/data-reports/workforce/data/active-physicians-us-doctor-medicine-us-md-degree-specialty-2019}}, + urldate = {2024-02-25} +} + +@online{CBO, + author = {{Congressional Budget Office}}, + title = {{Research and Development in the Pharmaceutical Industry}}, + year = {April 2021}, + note = {{[Online]. Available: https://www.cbo.gov/publication/57126}}, + urldate = {2024-02-25} +} + +@online{BEAHC, + author = {{Bureau of Economic Analysis}}, + title = {{New Health Care Statistics for First Year of COVID-19 Pandemic}}, + year = {2023-02-10}, + note = {{[Online]. Available: https://www.bea.gov/news/blog/2023-02-10/new-health-care-statistics-first-year-covid-19-pandemic}}, + urldate = {2024-02-25} +} + +@online{BEAHCM, + author = {{Bureau of Economic Analysis}}, + title = {{Experimental Data Map Health Care Estimates in GDP to Centers for Medicare \& Medicaid Framework}}, + year = {2023-09-25}, + note = {{[Online]. Available: https://www.bea.gov/news/blog/2023-09-25/experimental-data-map-health-care-estimates-gdp-centers-medicare-medicaid}}, + urldate = {2024-02-25} +} + +@article{PhysRevLett.87.198701, + title = {Efficient Behavior of Small-World Networks}, + author = {Latora, Vito and Marchiori, Massimo}, + journal = {Phys. Rev. Lett.}, + volume = {87}, + issue = {19}, + pages = {198701}, + numpages = {4}, + year = {2001}, + month = {Oct}, + publisher = {American Physical Society}, + doi = {10.1103/PhysRevLett.87.198701}, + url = {https://link.aps.org/doi/10.1103/PhysRevLett.87.198701} +} + +@online{HHS, + author = {{U.S. Department of Health and Human Services}}, + title = {{Compliance Enforcement Data}}, + year = {2024-01-31}, + note = {{[Online]. Available: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/data/numbers-glance/index.html}}, + urldate = {2024-02-25} +} + +@online{HHSDol, + author = {{U.S. Department of Health and Human Services}}, + title = {{Enforcement Highlights}}, + year = {2024-01-31}, + note = {{[Online]. Available:https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/data/enforcement-highlights/index.html}}, + urldate = {2024-02-25} +} + +@ARTICLE{10124989, + author={Schrick, Noah L. and Hawrylak, Peter J.}, + journal={IEEE Open Journal of the Computer Society}, + title={State Space Explosion Mitigation for Large-Scale Attack and Compliance Graphs Using Synchronous Exploit Firing}, + year={2023}, + volume={4}, + number={}, + pages={147-157}, + keywords={Firing;Explosions;Automobiles;Computer security;Flexible printed circuits;Cyber-physical systems;Regulation;Attack graph;compliance and regulation;compliance graph;cybersecurity;high-performance computing;speedup;synchronous firing}, + doi={10.1109/OJCS.2023.3276370}} + + +@online{HHSPen, + author = {{U.S. Department of Health and Human Services}}, + title = {{Resolution Agreements}}, + year = {2024-02-06}, + note = {{[Online]. Available: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/index.html}}, + urldate = {2024-02-25} +} + +@online{HHSCong, + author = {{U.S. Department of Health and Human Services}}, + title = {{Reports to Congress on Privacy Rule and Security Rule Compliance}}, + year = {2022}, + note = {{[Online]. Available: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/reports-congress/index.html}}, + urldate = {2024-02-25} +} + +@online{HHSAud, + author = {{U.S. Department of Health and Human Services}}, + title = {{HIPAA Privacy, Security, and Breach Notification Audit Program}}, + year = {2020}, + note = {{[Online]. Available: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/audit/index.html}}, + urldate = {2024-02-25} +} + +@online{HHSCE, + author = {{U.S. Department of Health and Human Services}}, + title = {{Case Examples}}, + year = {2023-11-01}, + note = {{[Online]. Available: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/examples/index.html}}, + urldate = {2024-02-25} +} + +@online{Census, + author = {{United States Census Bureau}}, + title = {{Oil \& Natural Gas}}, + year = {2019}, + note = {{[Online]. Available: https://www.census.gov/history/pdf/api-082021.pdf}}, + urldate = {2024-02-25} +} + +@online{EnergyGov, + author = {{U.S. Department of Energy}}, + title = {{Economic Impact of Oil \& Gas}}, + year = {2020}, + note = {{[Online]. Available: https://www.energy.gov/articles/economic-impact-oil-and-gas}}, + urldate = {2024-02-25} +} + +@online{IEA, + author = {{International Energy Agency}}, + title = {{R\&D Technology Innovation}}, + year = {2020}, + note = {{[Online]. Available: https://www.iea.org/reports/world-energy-investment-2020/rd-and-technology-innovation}}, + urldate = {2024-02-25} +} + +@online{EIA, + author = {{U.S. Energy Information Administration}}, + title = {{Financial Review of the Global Oil and Natural Gas Industry: Third-Quarter 2023}}, + year = {December 2023}, + note = {{[Online]. Available: https://www.eia.gov/finance/review/pdf/3Q2023{\%}20Financial{\%}20Review.pdf}}, + urldate = {2024-02-25} +} + +@online{oshonline, + author = {{Smart, S.J.}}, + title = {{Keeping Oil and Gas Workers Safe and Avoiding Costly Penalties}}, + year = {June 2015}, + note = {{[Online]. Available: https://ohsonline.com/Articles/2015/06/01/Keeping-Oil-and-Gas-Workers-Safe-and-Avoiding-Costly-Penalties.aspx}}, + urldate = {2024-02-25} +} + +@online{OSHAHist, + author = {{U.S. Department of Labor, Occupational Safety and Health Administration}}, + title = {{Industry Profile for an OSHA Standard Results}}, + year = {2023}, + note = {{[Online]. Available: https://www.osha.gov/ords/imis/industryprofile.html}}, + urldate = {2024-02-25} +} + +@online{OSHAPen, + author = {{U.S. Department of Labor, Occupational Safety and Health Administration}}, + title = {{Standard Number 1903.15 - Proposed Penalties}}, + year = {2024-01-15}, + note = {{[Online]. Available: https://www.osha.gov/laws-regs/regulations/standardnumber/1903/1903.15}}, + urldate = {2024-02-25} +} + +@article{https://doi.org/10.1112/plms/s1-28.1.486, +author = {Mathews, G. B.}, +title = {On the Partition of Numbers}, +journal = {Proceedings of the London Mathematical Society}, +volume = {s1-28}, +number = {1}, +pages = {486-490}, +doi = {https://doi.org/10.1112/plms/s1-28.1.486}, +url = {https://londmathsoc.onlinelibrary.wiley.com/doi/abs/10.1112/plms/s1-28.1.486}, +eprint = {https://londmathsoc.onlinelibrary.wiley.com/doi/pdf/10.1112/plms/s1-28.1.486}, +year = {1896} +} + +@book{10.5555/98124, +author = {Martello, Silvano and Toth, Paolo}, +title = {Knapsack Problems: Algorithms and Computer Implementations}, +year = {1990}, +isbn = {0471924202}, +publisher = {John Wiley \& Sons, Inc.}, +address = {USA} +} + +@incollection{RA, + author = {Rausand, M}, + title = {Introduction}, + booktitle = {Risk Assessment: Theory, Methods, and Applications}, + publisher = {John Wiley \& Sons Inc.}, + year = {2013}, + pages = {1-28}, + chapter = {1}, + isbn = {9780470637647} +} + + +@article{CAPRARA2000333, +title = {Approximation Algorithms for Knapsack Problems With Cardinality Constraints}, +journal = {European Journal of Operational Research}, +volume = {123}, +number = {2}, +pages = {333-345}, +year = {2000}, +issn = {0377-2217}, +doi = {https://doi.org/10.1016/S0377-2217(99)00261-1}, +url = {https://www.sciencedirect.com/science/article/pii/S0377221799002611}, +author = {Alberto Caprara and Hans Kellerer and Ulrich Pferschy and David Pisinger} +} + +@article{Jangir2018NonDominatedSM, + title={Non-Dominated Sorting Moth Flame Optimizer: A Novel Multi-Objective Optimization Algorithm for Solving Engineering Design Problems}, + author={Pradeep Jangir}, + journal={Engineering Technology Open Access Journal}, + year={2018}, + url={https://api.semanticscholar.org/CorpusID:212452626} +} + +@manual{Octave, + title = {{GNU Octave} Version 8.4.0 Manual: A High-Level Interactive Language for Numerical Computations}, + author = {John W. Eaton and David Bateman and S{\o}ren Hauberg and Rik Wehbring}, + year = {2023}, + note = {{[Online]. Available: https://www.gnu.org/software/octave/doc/v8.4.0/}} +} + +@misc{gplv3, + title = {{GNU General Public License}}, + version = {3}, + shorthand = {GPL}, + organization = {Free Software Foundation}, + note = {{[Online]. Available: http://www.gnu.org/licenses/gpl.html}}, + pagination = {section}, + language = {english}, + date = {2007-06-29} +} + +@article{10.1162/106365600568202, + author = {Zitzler, Eckart and Deb, Kalyanmoy and Thiele, Lothar}, + title = "{Comparison of Multiobjective Evolutionary Algorithms: Empirical Results}", + journal = {Evolutionary Computation}, + volume = {8}, + number = {2}, + pages = {173-195}, + year = {2000}, + month = {06}, + abstract = "{In this paper, we provide a systematic comparison of various evolutionary approaches to multiobjective optimization using six carefully chosen test functions. Each test function involves a particular feature that is known to cause difficulty in the evolutionary optimization process, mainly in converging to the Pareto-optimal front (e.g., multimodality and deception). By investigating these different problem features separately, it is possible to predict the kind of problems to which a certain technique is or is not well suited. However, in contrast to what was suspected beforehand, the experimental results indicate a hierarchy of the algorithms under consideration. Furthermore, the emerging effects are evidence that the suggested test functions provide sufficient complexity to compare multiobjective optimizers. Finally, elitism is shown to be an important factor for improving evolutionary multiobjective search.}", + issn = {1063-6560}, + doi = {10.1162/106365600568202}, + url = {https://doi.org/10.1162/106365600568202}, + eprint = {https://direct.mit.edu/evco/article-pdf/8/2/173/1493199/106365600568202.pdf}, +} + +@article{doi:10.1287/mnsc.27.1.1, + author = {Fisher, Marshall L.}, + title = {The Lagrangian Relaxation Method for Solving Integer Programming Problems}, + journal = {Management Science}, + volume = {27}, + number = {1}, + pages = {1-18}, + year = {1981}, + doi = {10.1287/mnsc.27.1.1}, + URL = {https://doi.org/10.1287/mnsc.27.1.1}, + eprint = {https://doi.org/10.1287/mnsc.27.1.1} +} + +@article{3c419982-0884-3763-8914-983157eab6e5, + ISSN = {0030364X, 15265463}, + URL = {http://www.jstor.org/stable/168028}, + abstract = {The usefulness of Lagrange multipliers for optimization in the presence of constraints is not limited to differentiable functions. They can be applied to problems of maximizing an arbitrary real valued objective function over any set whatever, subject to bounds on the values of any other finite collection of real valued functions defined on the same set. While the use of the Lagrange multipliers does not guarantee that a solution will necessarily be found for all problems, it is 'fail-safe' in the sense that any solution found by their use is a true solution. Since the method is so simple compared to other available methods it is often worth trying first, and succeeds in a surprising fraction of cases. They are particularly well suited to the solution of problems of allocating limited resources among a set of independent activities.}, + author = {Hugh Everett}, + journal = {Operations Research}, + number = {3}, + pages = {399--417}, + publisher = {INFORMS}, + title = {Generalized Lagrange Multiplier Method for Solving Problems of Optimum Allocation of Resources}, + urldate = {2024-03-13}, + volume = {11}, + year = {1963} +} + +@inproceedings{Nocedal2018NumericalO, + title={Numerical Optimization}, + author={Jorge Nocedal and Stephen J. Wright}, + booktitle={Fundamental Statistical Inference}, + year={2018}, + url={https://api.semanticscholar.org/CorpusID:189864167} +} + +@Manual{pracma, + title = {Pracma: Practical Numerical Math Functions}, + author = {Hans W. Borchers}, + year = {2023}, + note = {{R package version 2.4.4 [Online]. Available: https://CRAN.R-project.org/package=pracma}} + } + +@article{c8bc284a-942a-3e27-9ea0-6db64782cbb2, + ISSN = {00129682, 14680262}, + URL = {http://www.jstor.org/stable/1909582}, + abstract = {Several models for limited dependent variables (variables having a non-negligible probability of exactly equaling zero) are examined. Estimation in and discrimination among the various models are considered, followed by a small sampling experiment into the procedures and an example of their application.}, + author = {John G. Cragg}, + journal = {Econometrica}, + number = {5}, + pages = {829--844}, + publisher = {[Wiley, Econometric Society]}, + title = {Some Statistical Models for Limited Dependent Variables With Application to the Demand for Durable Goods}, + urldate = {2024-03-27}, + volume = {39}, + year = {1971} +} + +@article{fc317238-6f24-34d1-86ea-e81c1292d7e9, + ISSN = {00401706}, + URL = {http://www.jstor.org/stable/1269547}, + abstract = {Zero-inflated Poisson (ZIP) regression is a model for count data with excess zeros. It assumes that with probability p the only possible observation is 0, and with probability 1 - p, a Poisson(λ) random variable is observed. For example, when manufacturing equipment is properly aligned, defects may be nearly impossible. But when it is misaligned, defects may occur according to a Poisson(λ) distribution. Both the probability p of the perfect, zero defect state and the mean number of defects λ in the imperfect state may depend on covariates. Sometimes p and λ are unrelated; other times p is a simple function of λ such as p=1/(1+λ τ) for an unknown constant τ. In either case, ZIP regression models are easy to fit. The maximum likelihood estimates (MLE's) are approximately normal in large samples, and confidence intervals can be constructed by inverting likelihood ratio tests or using the approximate normality of the MLE's. Simulations suggest that the confidence intervals based on likelihood ratio tests are better, however. Finally, ZIP regression models are not only easy to interpret, but they can also lead to more refined data analyses. For example, in an experiment concerning soldering defects on printed wiring boards, two sets of conditions gave about the same mean number of defects, but the perfect state was more likely under one set of conditions and the mean number of defects in the imperfect state was smaller under the other set of conditions; that is, ZIP regression can show not only which conditions give lower mean number of defects but also why the means are lower.}, + author = {Diane Lambert}, + journal = {Technometrics}, + number = {1}, + pages = {1--14}, + publisher = {[Taylor & Francis, Ltd., American Statistical Association, American Society for Quality]}, + title = {Zero-Inflated Poisson Regression, With an Application to Defects in Manufacturing}, + urldate = {2024-03-27}, + volume = {34}, + year = {1992} +} + + diff --git a/Schrick-Noah_CG-Ep-Modeling.tex b/Schrick-Noah_CG-Ep-Modeling.tex index e69de29..44b8fe1 100644 --- a/Schrick-Noah_CG-Ep-Modeling.tex +++ b/Schrick-Noah_CG-Ep-Modeling.tex @@ -0,0 +1,513 @@ +\documentclass[conference]{IEEEtran} +\RequirePackage{setspace} +\usepackage{graphicx} % Images +\graphicspath{ {./images/} } + +\usepackage{float} % Table captions on top +\floatstyle{plaintop} +\restylefloat{table} + +\usepackage{ifpdf} % Detect PDF or DVI mode +\usepackage{babel} % Bibliography +\usepackage{dsfont} % mathbb + +\usepackage[utf8]{inputenc} +\usepackage{indentfirst} +\setlength{\parskip}{\baselineskip} + +% Table of Contents/Figure Spacing +\usepackage[titles]{tocloft} +\cftsetindents{figure}{0em}{3.5em} +\cftsetindents{table}{0em}{3.5em} + +\usepackage{dsfont} % mathbb +\usepackage{amsmath} +\usepackage[linesnumbered,commentsnumbered,ruled,vlined]{algorithm2e} + +\begin{document} + +\title{ Compliance Graph Analysis Using Epidemiology Modeling +} + +\author{ + \IEEEauthorblockN{Noah L. Schrick} + \IEEEauthorblockA{ + \textit{Tandy School of Computer Science} \\ + \textit{The University of Tulsa}\\ + Tulsa, USA \\ + noah-schrick@utulsa.edu + } + + \and + + \IEEEauthorblockN{Peter J. Hawrylak} + \IEEEauthorblockA{ + \textit{Tandy School of Computer Science} \\ + \textit{The University of Tulsa}\\ + Tulsa, USA \\ + peter-hawrylak@utulsa.edu + } + +} + +\maketitle + +\begin{abstract} +\end{abstract} + +\begin{IEEEkeywords} + Compliance Graph; Attack Graph; Epidemiology Modeling; Risk Assessment; +\end{IEEEkeywords} + +\section{Introduction} +CG Intro + +Epidemiology modeling is frequently used to model the behavior and dynamics of a disease across a population. Most commonly, a SIR model (Susceptible - Infected - Recovered model) is used to model how compartments of a population change with regard to a disease. The model is able to capture how the ``susceptible" subset of the population (the subset that is able to become infected) changes over time, as well as how the ``infected" subset (the subset that is currently infected with the disease) and ``recovered" subset (the subset that has been infected, but has since recovered) change over time. By examining the epidemic curves, it is possible to plan and prepare possible responses to mitigate the impact, as well as measure or predict an epidemic point. These models help provide insight on how to prepare, prevent, or mitigate challenges brought on by a disease outbreak. Epidemiology modeling has been widely investigated over recent years, and various works have been presented for modeling secondary infections through a model \cite{9914620}, additionally using multiple regression \cite{9929470} or ridge regression \cite{9628991}, and including new representations for social and community interactions \cite{9630798}. + +This work discusses an epidemiology modeling approach for compliance graph analysis. This work leverages the ability of epidemiology models to measure the behavior of compliance and regulation violations in a system or set of system and determine the risk they may have. This work also leverages the predictive power of epidemiology models to present mitigation or preparation strategies for future violations. By using an epidemiology approach, it is possible to refine constraint-bound correction schemes for the predicted or expected violations that systems may face. + +\section{Related Works} \label{sec:ep-intro} +The application of epidemiology modeling is not limited to modeling the dynamics of a disease. Various works have been performed to apply epidemiology modeling specifically to computer and information systems. The authors of \cite{6414589} were able to analyze the robustness of a computer network using an epidemiology model, the authors of \cite{8228672} were able to determine configurations for intrusion-detection systems, the authors of \cite{9678822} were able to model the spread of computer viruses, and the authors of \cite{5455187} were able to model the spread of malware over a network. Epidemiology modeling is also able to predict and measure social or relationship conflicts that may occur from third-party information system or information technology providers. The authors of \cite{10227113} were able to predict how these conflicts may propagate during a third-party provider implementation using an SIR model. Epidemiology models continue to see analytical improvements and usage across fields. The authors of \cite{9457692} successfully demonstrated the use of a time-series data analytics approach, and the authors of \cite{9856356} present a data-based model that is capable of integrating with, and crawling across, internet sites to minimize the manual overhead of implementing closed-form epidemiology expressions. The authors of \cite{9450250} present a wide array of techniques that work in conjunction with the fields of artificial intelligence, big data, cognition, and analytical epidemiology to showcase promising results with causal probability theory. + +\section{Approach to Multi-Strain Epidemiology Modeling} \label{sec:ep-modeling} +A single-strain approach was originally used for analyzing the compliance and violation trends of environments. In a single-strain approach, all violations are grouped together as a single, generic ``violation", all warnings are grouped together as a single, generic ``warning", and all compliant systems, states, policies, and behaviors are grouped together as a single, generic ``in-good-standing" label. This approach is useful for examining the system at a high-level and for identifying concerning overall trends regarding compliance or regulation standings. However, this single-strain approach does not provide insight on the severity of violations, and does not provide distinct information on types of violations. This form of analysis is unable to discern which regulations are met or not met, and is unable to distinguish where the cause of concern may lie. In real systems, various violations may occur, each having a different level of severity. In addition, real systems are prone to violating multiple regulations simultaneously. In order to capture and examine violations at a more granular level, a multi-strain epidemiology model will be required. The multi-strain approach functions by treating each violation as a unique strain of infection, which allows for the system to be modelled across all strains with relevant violation information properly captured. + +\subsection{Alternative Model Details} \label{sec:Model-Choice} +Various works have been presented for a multi-strain epidemiology model. Specifically to computer and information systems, the authors of \cite{9593147} present a S$I_1$$I_2$SD model (Susceptible, Infected-with-Strain-1, Infected-with-Strain-2, Susceptible, Deceased) for modeling malware over Internet of Things Wireless Sensor Networks. This model is able to capture two different strains of malware that each have a dependency on the other. However, for compliance graph analysis, there can, and likely will, be a greater number of violations present. As a result, limiting an epidemiology model to two strains is not fully realistic. The authors of \cite{Lou2021} constructed a multi-strain PDE-SIS (Partial Differential Equation Susceptible - Infected - Susceptible) model that resembles the following and is capable of modeling multiple strains:\\ + +\begin{math} +\begin{aligned} + {\left\{ \begin{array}{ll} + \partial _tS=d_\mathrm{S}\Delta S +\sum _{i=1}^k\gamma _i(x)I_i -\frac{S\sum _{i=1}^k\beta _i(x)I_i}{S+\sum _{j=1}^k I_j} &{} x\in \Omega , \ t>0,\\ + \partial _tI_i=d_i\Delta I_i -\gamma _i(x)I_i+\beta _i(x)\frac{SI_i}{S+\sum _{j=1}^k I_j}&{} x\in \Omega ,\ t>0, \\ + d_\mathrm{S}\frac{\partial S}{\partial \vec {n}}=d_i \frac{\partial I_i}{\partial \vec {n}}=0 &{} x\in \partial \Omega ,\ t>0, \\ + N=\int _{\Omega }[S(0,x)+\sum _{i=1}^kI_i(0,x)]\hbox {d}x>0 + \end{array}\right. } +\end{aligned} +\end{math} +\\ + +Fitting compliance graph analysis to an SIS model (Susceptible, Infected, Susceptible) is achievable, but this model would lose many of the attributes, nuances, and representative details that are present in other models and real systems. Fitting each compliance graph node to only ``Susceptible" or ``Infected" compartments prevents modeling of exposure or recovery of a disease. As an alternative, the authors of \cite{10.1371/journal.pone.0257512} present a multi-strain model that would be favorable for compliance graph analysis. In this approach, the authors discuss a multi-strain SEIR (Susceptible - Exposed - Infected - Recovered) model that resembles the following:\\ + +\begin{math} +\begin{aligned} + {\left\{ \begin{array}{ll} + S_j(t)=P(t)-E_j(t)-I_j(t)-R_j(t),\\ + \dot{E}_j(t)=(1-\mu(t))\beta_jS_j(t)I_j(t)-\sigma_jE_j(t),\\ + \dot{I}_j(t)=\sigma_jE_j(t)-(\mu_j+\gamma_j)I_j(t),\\ + \dot{R}_j(t)=\gamma_jI_j(t)-\delta_jR_j(t) + \end{array}\right. } +\end{aligned} +\end{math} +\\ + +This approach includes an overall population $P$ term for determining the Susceptible compartment, mitigation measures $\mu$, recovery rate $\gamma$, and immunity loss $\delta$. This approach provides greater insight than the previous models, but still lacks potentially useful information for compliance graph analysis. In this model, recovered individuals in the system do not eventually become susceptible again, and also do not face the risk of expiring from the disease. In real systems, once an asset is compliant with a regulation, it does not become immune to violating that regulation in the future; an asset is fully able to repeatedly fall out of compliance. In addition, an alternative approach to corrective recovery (namely for legacy systems, third-party vendors or applications, or other systems that carry excess risk) is to remove the system from the environment. In epidemiology modeling, this would be represented as a system expiring or compartmentalized as ``Deceased". Though this model could provide additional parameters and compartments, it represents a solid foundational starting point for building a compatible model for compliance graph analysis, especially due to the detailed equilibrium, stability, and optimal control problem proofs. Section \ref{sec:SEIRDS-model} discusses the details of the chosen model. + +\subsection{SEIRDS Model} \label{sec:SEIRDS-model} +For initial investigation and testing purposes, the selected epidemiology model for the single-strain compliance graph analysis (which has been adapted for the multi-strain approach) was a SEIRDS (Susceptible - Exposed - Infected - Recovered - Deceased) model. Unlike a SIR (Susceptible - Infected - Recovered) model, the SEIRDS model includes an exposed group to represent nodes that \textit{will} become infected, as compared to the susceptible group which \textit{can} become infected. The exposed group has additional parameters such as incubation time, which provide additional detail on when the group will transition to the infected group. This model also captures events where nodes in the infected group decease rather than recover. After recovery, there is a waning immunity period where the population can become susceptible again. A similar model can be seen in the works presented by the authors of \cite{alaya2022mathematical}. This model better fits the information present in a compliance graph than the models described in Section \ref{sec:Model-Choice}, and the contextualization of this model's compartments and parameters can be seen in Tables \ref{table:model-context} and \ref{table:model-params}. Figure \ref{fig:SEIRDS-block} shows a block model representation of the SEIRDS model. Equation \ref{eq:seirds} displays the SEIRDS representation. + +\begin{table}[] + \scriptsize + \centering + \begin{tabular}{|c|c|c|} + \hline + \textbf{Compartment} & \textbf{Description} & \textbf{Contextualization to Compliance Graphs} \\ \hline + S & Susceptible & All other nodes. \\ \hline + E & Exposed & \begin{tabular}[c]{@{}c@{}}Nodes flagged as at risk of compliance violation \\ by an IDS, timeframe trigger, or other.\end{tabular} \\ \hline + I & Infected & Nodes that are in violation. \\ \hline + R & Recovered & \begin{tabular}[c]{@{}c@{}}Nodes that were infected and were capable\\ of automatic correction e.g., certificate renewal, \\ scheduled maintenance, or other.\end{tabular} \\ \hline + D & Deceased & \begin{tabular}[c]{@{}c@{}}Nodes removed from the compliance graph;\\ Systems that were removed from the network through \\ quarantine, DMZ, legacy removal, or other \\due to excess risk.\end{tabular} \\ \hline + \end{tabular} + \caption[Compartment Descriptors for Compliance Graphs]{Compartment Descriptors for Compliance Graphs. Each compartment is contextualized to compliance graphs, with their meanings and brief explanations of how nodes may fit in compartments.} + \label{table:model-context} +\end{table} + +\begin{table}[] + \scriptsize + \centering + \begin{tabular}{|c|c|c|} + \hline + \textbf{Parameter} & \textbf{Description} & \textbf{Contextualization to Compliance Graphs} \\ \hline + $\beta$ & Infection Rate & \begin{tabular}[c]{@{}c@{}}Probability of nodes falling out\\ of compliance.\end{tabular} \\ \hline + $\delta$ & Incubation Period & \begin{tabular}[c]{@{}c@{}}Once a node is at risk of falling out\\ of compliance, how long it takes to actually\\ violate a mandate or regulation.\end{tabular} \\ \hline + $\gamma_{R}$ & Recovery Rate & \begin{tabular}[c]{@{}c@{}}Probability of a system to correct\\ its violation status.\end{tabular} \\ \hline + $\gamma_{D}$ & Death Rate & \begin{tabular}[c]{@{}c@{}}Probability of removal for a system \\ in violation.\end{tabular} \\ \hline + $\mu$ & Fatality Ratio & \begin{tabular}[c]{@{}c@{}}Natural rate at which any node may \\ be removed from the network.\end{tabular} \\ \hline + $\epsilon$ & Infected Import Rate & \begin{tabular}[c]{@{}c@{}}Systems that are already in violation;\\ systems that do not fall out of compliance,\\ but are already violating a mandate.\end{tabular} \\ \hline + $\omega$ & Waning Immunity Rate & \begin{tabular}[c]{@{}c@{}}After a system recovers, how long\\ for it to be available for violation.\end{tabular} \\ \hline + \end{tabular} + \caption[Parameter Descriptors for Compliance Graphs]{Parameter Descriptors for Compliance Graphs. Each parameter is contextualized to compliance graphs, with their meanings and brief explanations of how node relationships affect the parameters.} + \label{table:model-params} +\end{table} + +\begin{equation} + \begin{gathered} + dS(t) = \epsilon - (\beta * S(t) * I(t)) - \mu * S(t) + \omega * R(t) \\ + dE(t) = (\beta * S(t) * I(t)) - \delta*E(t) \\ + dI(t) = \delta * E(t) - \gamma_{d} * I(t) - \gamma_{r} * I(t) \\ + dR(t) = \gamma_r * I(t) - \omega * R(t) \\ + dD(t) = \gamma_d * I(t) + \mu * S(t) + \label{eq:seirds} + \end{gathered} +\end{equation} + + + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/model-flow.drawio.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[SEIRDS Epidemiology Model]{SEIRDS Epidemiology Model. Display of each compartment in the SEIRDS epidemiology model and the mathematical representation of the relationship between compartments along with the parameters.} + \label{fig:SEIRDS-block} +\end{figure} + +Converting the single-strain model to function as a multi-strain model requires minimal additional modeling efforts. Rather than using a single SEIRDS model for all violations, each violation is instead represented by a SEIRDS model. In an environment where there are \textit{n} violations, there are \textit{n} SEIRDS models. This is represented in Table \ref{table:multi-strain-context}, which adds an indexing term to allow for multiple violations to be represented in the SEIRDS model. + +\begin{table}[] + \scriptsize + \centering + \begin{tabular}{|c|c|c|} + \hline + \textbf{Model Variable} & \textbf{Description} \\ \hline + $S_{n}$ & Susceptible to Violation \textit{n} \\ \hline + $E_{n}$ & Exposed to Violation \textit{n} \\ \hline + $I_{n}$ & Infected with Violation \textit{n} \\ \hline + $R_{n}$ & Recovered from Violation \textit{n} \\ \hline + $D_{n}$ & Deceased from Violation \textit{n} \\ \hline + $\beta_{n}$ & Infection Rate for Violation \textit{n} \\ \hline + $\delta_{n}$ & Incubation Period for Violation \textit{n} \\ \hline + $\gamma_{R}{n}$ & Recovery Rate for Violation \textit{n} \\ \hline + $\gamma_{D}{n}$ & Death Rate for Violation \textit{n} \\ \hline + $\mu_{n}$ & Fatality Ratio for Violation \textit{n} \\ \hline + $\epsilon_{n}$ & Infected Import Rate for Violation \textit{n} \\ \hline + $\omega_{n}$ & Waning Immunity Rate for Violation \textit{n} \\ \hline + \end{tabular} + \caption[Multi-Strain Variable Descriptors for Compliance Graphs]{Multi-Strain Variable Descriptors for Compliance Graphs. Each variable from the single-strain model can be represented with an indicator of \textit{n} to denote which SEIRDS violation model the data falls into.} + \label{table:multi-strain-context} +\end{table} + +\subsection{Implementation Details} \label{sec:ep-model-simplify} +Many multi-strain epidemiology models are made difficult or are constrained due to strain dependencies, competition, or extinction. In many multi-strain models, two strains $A$ and $B$ are not independent. If an individual is infected with strain $A$ or $B$, it may prevent the onset of the other strain, increase the likelihood of infection, or decrease the likelihood of infection. These dependencies often have their own dynamics, and can change over time along with the model. These strains also often compete, and strain effects can be dampened or amplified based on other strain populations. With numerous competing strains, the modeling process grows increasingly difficult or infeasible. However, a multi-strain SEIRDS model for compliance graph analysis is able to be simplified. In compliance graph analysis, a simplification can be made that each strain is fully independent - an infection (or lack thereof) of a strain does not impact any other strain. For example, for the automobile maintenance network, a node in the compliance graph can be simultaneously in need of an oil change and a headlight replacement. In addition, a strain curve can be said to have no impact on any other strain curves. Though this simplification is not fully representative and yields inaccuracy for multi-step or complex, dependent-triggered violations, it serves as a starting foundation for multi-violation analysis in a system with common violations. + +This work made use of both Python and R to support the epidemiology modeling. The derivation of parameters and compartmentalization of nodes for the SEIRDS model was implemented using Python and the NetworkX \cite{NetworkX} library. In addition to deriving model parameters and compartmentalizing the input compliance graph, the model preparation supports the ability to split the compliance graph into subgraphs based on time steps. Given the prior-knowledge network, the model preparation is able to identify time transitions within the graph and create subgraphs. As part of the main preparation loop, the Python function is able to take input as either the entire compliance graph or a subgraph. This preparation loop iterates through all known violations, and compartmentalizes each node according to each violation. Due to the simplification, it is possible for a node to simultaneously be classified as infected with violation $A$ while being classified as recovered from violation $B$. For each violation, each node is classified as infected if a violation edge leads to the node, exposed if a node is \textit{n}-steps away from an infected node, recovered if a recovery edge leads to the node, deceased if the node has no children, or susceptible if no other conditions match. After all compartments have been identified, parameters are obtained. The parameter definitions are presented in Equation \ref{eq:param-defs}. The compartmentalization and parameter derivation process is shown in Algorithm \ref{alg:ep-compart}. + +\begin{equation} + \begin{gathered} + \beta_{n} = \frac{Infected_{n} * w}{len(CG.nodes)} \\ + \delta_{n} = 1 \\ + \gamma_{r_{n}} = \frac{Recovered_{n} * w}{len(CG.nodes)} \\ + \gamma_{d_{n}} = \frac{Deceased_{n} * w}{len(CG.nodes)} \\ + \mu_{n} = \frac{Deceased_{n}}{Deceased_{n} + Recovered_{n}} \\ + \epsilon_{n} = \frac{Imported-Infected_{n}}{len(CG.nodes)} \\ + \omega_{n} = 1 \\ + \label{eq:param-defs} + \end{gathered} +\end{equation} + +For the example networks presented in Chapter \ref{ch:example-networks}, certain model parameters are statically defined. For instance, in Equation \ref{eq:param-defs} both \(\delta\) and \(\omega\) are set to 1. As Table \ref{table:multi-strain-context} specifies, \(\delta\) is the incubation period, which defines the incubation period, or how many compliance graph steps (edges) are required before a node can be classified as infected. In a compliance graph format, and specifically for the example networks presented in Chapter \ref{ch:example-networks}, there will always be exactly 1-edge delays between the labeling of an infection and the classification of an infection. Since the edges in a compliance graph are used as the transitionary elements that lead to a change in a system, for node $B$ to be classified as infected, there must be at least one edge between node $A$ and node $B$ for the infected classification to occur. This is also the case for the waning immunity rate, \(\omega\). Since there must be at least one edge to transition a node from a recovered state to a susceptible state, the waning immunity rate is also set to a static value of 1. + +\IncMargin{1em} +\begin{algorithm}[htbp] \label{alg:ep-compart} +\SetKwData{Left}{left} +\SetKwData{This}{this} +\SetKwData{Up}{up} +\SetKwFunction{Union}{Union} +\SetKwFunction{FindCompress}{FindCompress} +\SetKwInOut{Input}{Input}\SetKwInOut{Output}{Output} +\SetKwComment{comment}{\#}{} +\Input{Compliance Graph, PKN, Exposure Reachability n} +\Output{SEIRDS Model Compartments and Parameters} +\BlankLine + +\textbf{STEP 1:} Loop through Compliance Graph and Compartmentalize Nodes Based on Violation. \\ + \For{$node$ in Compliance Graph}{ + \For{$violation$ in possibleViolations}{ + \If{len($node$.in-edges) == 0 and $node$ is infected with $violation$} + {do set importedInfection[$violation$] += 1;} + + \uIf{len($node$.out-edges) == 0 and $node$ is infected with $violation$} + {do set Deceased[$violation$] += 1;} + \uElseIf{any $node$.in-edge has a violation identifier == $violation$} + {do set Infected[$violation$] += 1;} + \uElseIf{$node$ has $n$-step reachability to a node infected with $violation$} + {do set Exposed[$violation$] += 1;} + \uElseIf{any $node$.in-edge has a recovery identifier == $violation$} + {do set Recovered[$violation$] += 1;} + \Else + {do set Susceptible[$violation$] += 1;} + } + } + +\textbf{STEP 2:} Obtain Model Parameters for each Violation. \\ + \For{$violation$ in possibleViolations}{ + {do set $violation$[parameters] = Equation \ref{eq:param-defs}} + } + + \caption{SEIRDS Model compartmentalization and Parameter Derivation} +\end{algorithm} + +In order to better capture the recurring maintenance events, the recovery parameters can be adjusted based on a periodic function. This function can be adjusted per component and/or per mitigation strategy, and is intended to be interchanged with ease. For this work, the recovery parameters were altered to fit a cosine function. Cosine was chosen in order for the recover parameter minimum to be placed at the final known time step (t=0). A sine function with appropriate shifts could also be used, however a cosine function was used for simplicity. A few adjustments are required. To set the period of the cosine function, the default period (2$\pi$) is divided by the recurring maintenance event's time step of occurrence. Since the recovery rate must be a value between 0 and 1, a piecewise function is defined for the magnitude, where $y=max(0,cosx) \forall {x>0}$. The amplitude of the function was defined by the derived parameter from Algorithm \ref{alg:ep-compart}. This is shown in Equation \ref{eq:recovery-param}. + +\begin{equation} + \begin{gathered} + \gamma_{r} = \gamma_{r, derived} * \max(0,cosine(\frac{2*\pi*t}{RecurringMaintenanceTimeStep})) + \label{eq:recovery-param} + \end{gathered} +\end{equation} + +For accurately capturing the pre-defined events presented in Chapter \ref{ch:example-networks}, the infection rate parameters are also designed to be dynamic. Due to the degradation of parts, health, or quality of the asset over time, the infection parameter is expected to steadily increase. The pre-defined events can be used as a baseline for increasing the infection rate to support this functionality. For instance, for the automobile maintenance network, the drive belts have a pre-defined event at time step 3 where a replacement or inspection is required. A function can be defined that increases the infection rate of the drive belt violation as the component reaches its replacement or inspection lifespan. When data is available for the lifespan of a given component, an infection rate parameter increase could model the behavior of $\lim_{t \to expectedPartLifeSpan} f(t) = 1 $. For components with pre-defined events, the ``expectedPartLifeSpan" can be obtained by identifying the event time of the part failure, repair, or replacement. For components without a pre-defined event, identifying the ``expectedPartLifeSpan" would require additional data for each component represented in the compliance graph. As previously stated, this work intends to be self-contained and independent of likelihood estimations. Though tire replacement data may be readily available, identifying the likelihood of forcibly decrypting a database (or the point of its occurrence) requires transitional estimation that is outside of this work. Instead, this work made a simplification of $ \lim_{t \to \infty} f(t) = 1 $ when the component lifespan data was unavailable. + +This work intended for $f(t)$ to be fully replaceable. Better cost models can replace the $f(t)$ functions to better fit to the expected changes in infection parameters. Rather than identifying unique $f(t)$ functions for each component, this work implemented two functions. When the expected component lifespan was known, Equation \ref{eq:known_ft} was used as the $f(t)$ function. When the expected component lifespan was not known, Equation \ref{eq:unknown_ft} was used as the $f(t)$ function. Equation \ref{eq:known_ft} was intended to be simplistic. Due to the exponential function, the limit approaches 1 as the component reaches its lifespan. There is a shift in the function for axis alignment, but no other modifications are implemented. This function does have a quick rise toward 1, so future adjustments to its gain may be necessary. For Equation \ref{eq:unknown_ft}, more attention was given to its rise. Since the component has an unknown life span, a gradual increase toward 1 at $t=\infty$ may be unrealistic. Likewise, a rapid gain toward 1 in the first few time steps may also be unrealistic. This function was chosen and tuned to allow for a rise toward a infection rate parameter value of 1 near 30 time steps. Since time steps are variable based on the step size selection in the network generation process, this function can be tuned to better fit specific components or networks. Figure \ref{fig:unknown-infec-rate} displays a plot of this function. After a mitigation or correction scheme is implemented for a component, the infection rate is reset to its original, derived value. + +\begin{equation} + \begin{gathered} + f(t) = 1-\exp({(expectedPartLifeSpan-t)}) + \label{eq:known_ft} + \end{gathered} +\end{equation} + +\begin{equation} + \begin{gathered} + f(t) = 1-\exp(-\frac{t}{1000}^{2.5}) + \label{eq:unknown_ft} + \end{gathered} +\end{equation} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/unknown_infec_rate.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Infection Rate Parameter as a Function of Time for Components with an Unknown Lifespan]{The infection rate parameter increases in value over time to account for degradation of parts, health, or quality of components. This Figure displays the chosen function for components with unknown lifespans. It is tuned to rise toward its limit value of 1 near 30 time steps. This function is able to be modified or replaced to better fit the degradation factor for other components or environments.} + \label{fig:unknown-infec-rate} +\end{figure} + + +After the Python model preparation was called with the Reticulate library \cite{reticulate} (which acts as an interface between R and Python), R code was used to evaluate the problem space using a differential equation solver. The implemented solver was ODE45, provided by the pracma library \cite{pracma}. Equation \ref{eq:seirds} was defined as a function in R, with inputs of model parameters and model compartments. This function was called through ODE45 over a specified range of time, and would produce an output of epidemic curves. Unless otherwise specified, the epidemic curves would be generated starting with time = ``0" (the last known step of the compliance graph), and would evaluate data for the next 5 years. Since this work is approaching the compliance graph through a multi-strain lens, the differential equation solver was applied over each violation. As a result, epidemic curves were produced for each violation that provided insight on the violation trends over time. This process is displayed in Algorithm \ref{alg:ep-process}. + +\IncMargin{1em} +\begin{algorithm}[htbp] \label{alg:ep-process} +\SetKwData{Left}{left} +\SetKwData{This}{this} +\SetKwData{Up}{up} +\SetKwFunction{Union}{Union} +\SetKwFunction{FindCompress}{FindCompress} +\SetKwInOut{Input}{Input}\SetKwInOut{Output}{Output} +\SetKwComment{comment}{\#}{} +\Input{Compliance Graph, PKN, Exposure Reachability n} +\Output{Epidemic Curves} +\BlankLine + +\textbf{STEP 0:} Initialize the R environment. \\ + do initialize: \\ + \quad Set working directory; \\ + \quad Receive inputs; \\ + \quad Initialize Reticulate with appropriate Python versioning and executable(s); \\ + +\textbf{STEP 1:} Compartmentalize $Compliance Graph$ and Derive Model Parameters. \\ + {do call Algorithm \ref{alg:ep-compart} via Reticulate;} + +\textbf{STEP 2:} Format Compartments and Parameters. \\ + {do unpack $STEP \mkern5mu 1$ output and load into R variables;} \\ + {do data type conversions and shaping across time steps and violations;} \\ + +\textbf{STEP 3:} Produce Epidemic Curves. \\ + \For {$violation$ in dim(S)[2]} { + {do set vioOut = ODE45 with compartments=SEIRDS.compart[$violation$], \\ + \quad parameters=SEIRDS.param[$violation$], \\ + \quad time=[0, 5 years];} \\ + {do plot vioOut;} + } + + \caption{Producing Epidemic Curves for all Possible Violations in a Compliance Graph} +\end{algorithm} + +\subsection{Results and Analysis} \label{sec:ep-res} +Since a large number of epidemic curves were produced (due to the large number of possible violations across three example networks), only select epidemic curves are displayed and discussed. The selected Figures display the variations in curves based on implemented mitigation strategies. Figure \ref{fig:car-ep-oil} highlights the effectiveness of the routine maintenance for the automobile maintenance network. This Figure displays the decreases in compliance violations for oil changes due to the maintenance that occurs every 6 months or 6000 miles. Likewise, Figure \ref{fig:car-ep-drivebelt} highlights the effectiveness of the routine maintenance that takes place every 1 year and 6 months for the drive belts. Both of these Figures successfully showcase the return to compliance due to the implemented repair strategies. Figure \ref{fig:hip-ep-bad} illustrates an output for an ineffective mitigation strategy for the HIPAA network. This Figure showcases that the lack of mitigation and correction implementations leads to a rise in violations, which will be attributed to noncompliance penalties. This Figure successfully showcases the necessity for organizational attention regarding this specific violation. + +Another advantage to epidemiology modeling is the ability to identify, predict, and prepare for outcomes if maintenance schedules are adjusted. Figure \ref{fig:osha_end_maint} illustrates an example for the OSHA 1910H network, where the routine maintenance schedule for a component is ended. At the last known time step (t=0), it is evident that the previous maintenance schedule was successful at correcting any known violations: the Susceptible population was at 90.9\%, the Exposed, Infected, and Deceased populations were near zero, and the Recovery population was non-zero, indicating that the maintenance schedule was successfully correcting any issues with noncompliance as they arose. Parameters were then altered to determine if maintenance schedules could be removed. For this example, the alteration included setting $\gamma_r$ to the derived value, rather than based on a function of time relative to the maintenance schedule since it was removed. Figure \ref{fig:osha_end_maint} highlights that the removal of the maintenance schedule would cause an increase in the Infected population over the next 5 years, revealing that the maintenance schedule should likely remain in place. + +Some Figures also displayed results with no changes in compartment trends. Figure \ref{fig:osha-ep-nothing} illustrates an epidemic curve that, though accurate, yields less interesting results. This Figure showcases the trendlines of a violation that is not seen in the given compliance graph, and there is no modeled degradation of components. Since this violation never occurs, the Susceptible population remains at 100\%, with all other compartments remaining at 0\%. However, this result provides useful insight since it demonstrates that there are no current or expected noncompliance penalties that will be incurred due to this specific violation. These Figures are able to assist in the compliance maintenance process by verifying that budgetary attention can be safely allocated to other, higher priority violations. + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/oil_change.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Epidemic Curve for the Automobile Maintenance Network's Oil Change Violation]{Epidemic Curve for the Automobile Maintenance Network's Oil Change Violation. + This epidemic curve highlights the effectiveness of the routine maintenance for the automobile maintenance network, evident through the regular decreases in the Infected compartments of the SEIRDS epidemiology model. These maintenance events take place every 6 months or 6000 miles, and successfully correct the vehicle to a state of compliance with respect to the oil change violations.} + \label{fig:car-ep-oil} +\end{figure} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/drive_belt.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Epidemic Curve for the Automobile Maintenance Network's Drive Belt Violation]{Epidemic Curve for the Automobile Maintenance Network's Drive Belt Violation. + This epidemic curve highlights the effectiveness of the routine maintenance for the automobile maintenance network, evident through the regular decreases in the Infected compartments of the SEIRDS epidemiology model. These maintenance events take place every 1 year and 6 months, and successfully correct the vehicle to a state of compliance with respect to the drive belt violations. However, there is a steady increase of violation (the population of I) due to the increased infection rate parameter caused by the pre-defined events presented in Chapter \ref{ch:example-networks}. This Figure also displays the effectiveness at preventing the spread of a drive belt violation. If the Infected population rose to 1.0, then every node in a compliance graph or subgraph would be expected to posses that violation. Since the Infected population remains below 10\%, the mitigation strategy can be considered effective at correcting the drive belt violation before it spreads through the compliance graph or subgraph.} + \label{fig:car-ep-drivebelt} +\end{figure} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/sec_asses.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Epidemic Curve for the HIPAA Network's Security Assessment Violation]{This epidemic curve highlights the ineffectiveness of the mitigation strategy for the HIPAA network, evident through the continual increase and lack of any decrease in the Infected compartments of the SEIRDS epidemiology model. There are seemingly no mitigation or correction implementations, or they are unable to successfully correct the HIPAA network to a state of compliance with respect to the security assessment violation. At the final known time step (t=0), nearly 50\% of the nodes in the last subgraph contained this violation, with the remainder within 2-step exposure of infection.} + \label{fig:hip-ep-bad} +\end{figure} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/osha_end.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Epidemic Curve for the OSHA 1910H Network's Violation]{This Figure illustrates an example for the OSHA 1910H network where the routine maintenance schedule for a component is ended. At the last known time step (t=0), it is evident that the previous maintenance schedule was successful at correcting any known violations: the Susceptible population was at 90.9\%, the Exposed, Infected, and Deceased populations were near zero, and the Recovery population was non-zero, indicating that the maintenance schedule was successfully correcting any issues with noncompliance as they arose. Parameter alters were then altered to determine the outcome if maintenance schedules could be removed. For this example, $\gamma_r$ was set to be the derived value, rather than based on a function of time relative to the maintenance schedule. This Figure highlights that the removal of the maintenance schedule causes an increase in the Infected population over the next 5 years.} + \label{fig:osha_end_maint} +\end{figure} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/osha-ep-nothing.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Epidemic Curve for the OSHA 1910H Network's Inventory Violation]{This epidemic curve displays results with no changes in compartment trends for the OSHA 1910H network due to the lack of any known or expected inventory violations. This epidemic curve verifies that budgetary attention can be safely allocated to other, higher priority violations.} + \label{fig:osha-ep-nothing} +\end{figure} + +\subsection{Validation} \label{sec:ep-valid} +In order to validate the epidemiology modeling approach, the following characteristics were examined, and test cases were created to compare against expected behavior. The results of these tests are not included in this work, since the test results were a boolean ``pass" or ``fail". If a failed test was encountered, the validation process failed, and the methodology was flawed and in need of correction. For the work presented, each test returned a successful outcome. +\begin{itemize} + \item All parameters (\(\beta\), \(\delta\), \(\gamma_{r}\), \(\gamma_{d}\), \(\mu\), \(\epsilon\), \(\omega\)) for all violations are greater than or equal to 0.0. + \item The \(\beta\), \(\gamma_{r}\), \(\gamma_{d}\), \(\mu\), \(\epsilon\), \(\omega\) parameters for all violations are less than or equal to 1.0. + \item All initial compartments (\(S\), \(E\), \(I\), \(R\), \(D\)) are greater than or equal to 0.0. + \item The sum of all compartments (\(S\), \(E\), \(I\), \(R\), \(D\)) for all time steps for all violations does not exceed the total number of nodes for the given time-stepped subgraph. + \item The sum of all compartments (\(S\), \(E\), \(I\), \(R\), \(D\)) in percentage form for all time steps for all violations is equal to 1.0. + \item A decrease in the \(Susceptible\) compartment causes an increase in either the \(Exposed\) or \(Infected\) compartment. + \item A decrease in the \(Exposed\) compartment causes an increase in the \(Infected\) compartment. + \item A decrease in the \(Infected\) compartment causes an increase in either the \(Recovered\) or \(Deceased\) compartment. + \item A decrease in the \(Recovered\) compartment causes an increase in the \(Susceptible\) compartment. + \item A increase in the \(Deceased\) compartment causes a decrease in the total number of nodes. + \item The total sum of the \(Deceased\) compartment across all time steps never decreases. + \item The number of nodes in the epidemiology model for the specific example networks in this work never increases. +\end{itemize} + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +\section{Risk Assessment} \label{sec:risk-assessment} +Epidemiology modeling successfully provides insight on the predicted trends and behaviors of compliance violations over time. These trends are useful for identifying the utility of any correction schemes, for future mitigation planning, or for determining which periods of time may require additional attention to prevent noncompliance. However, for presenting quantitative metrics to advisory boards, upper level staff, or management, alternative figures may yield better results, especially when requesting increases in funding. One common method for determining a quantitative metric with respect to expected or predicted challenges is risk assessment. Risk assessment allows for further insight regarding potential risks, damages, or losses, and considers any mitigations, likelihood of occurrences, and can provide information on fault-tolerance in the instance of a risk event \cite{RA}. This Section discusses the risk assessment strategies that are implemented for compliance graph analysis in Section \ref{sec:ra-imp}, with results presented in Section \ref{sec:ra-res}. + +\subsection{Implementation Details} \label{sec:ra-imp} +A primary motivator for this work is to provide analysis on compliance graphs that is independent of (but compatible with) any external probability or state transition estimations. As Chapters \ref{ch:Intro}, \ref{ch:rel-works}, and \ref{ch:example-networks} discuss, though works exist for determining transitions of nodes and edges through Markov Decision Processes, empirical analysis, or investigations of the National Vulnerability Database (NVD) and Common Vulnerabilities and Exposures (CVE) list, this work aimed to stay as self-contained and self-sufficient as possible. In order to achieve this, this work presents a modification to Annualized Loss Expectancy (ALE) computations. Equation \ref{eq:ALE} displays the traditional approach for computing ALE. + +\begin{equation} + \begin{gathered} + ALE = Annual Rate of Occurrence * Single Loss Expectancy, \quad where: \\ + Single Loss Expectancy = Asset Value * Exposure Factor + \label{eq:ALE} + \end{gathered} +\end{equation} + +Included in the presentation of ALE in Equation \ref{eq:ALE}, Annual Rate of Occurrence (ARO) is displayed. In traditional computations of ALE, this is obtained through a likelihood estimation. Since this work is intended to stay self-contained, an alternative approach is required. The SEIRDS model presented in Section \ref{sec:SEIRDS-model} included a discussion of model parameters. Included with these parameters was a derivation of the \(\beta\) parameter in Algorithm \ref{alg:ep-compart} and Equation \ref{eq:param-defs}. As Table \ref{table:multi-strain-context} displays, the \(\beta\) parameter is used to describe the infection rate of a violation. This parameter, when presented as a yearly rate, can be directly substituted for ARO in the ALE computation. Likewise, the Noncompliance Penalty can be obtained through the prior-knowledge network, which describes the penalties for noncompliance. This is shown in Equation \ref{eq:aro-beta} as the Single Loss Expectancy. Since this work specifically does not estimate the probabilities of fines or assessments, the Exposure Factor is set to 100\%. This work aims to ensure compliance is fully met, and does not introduce any analysis that allows for organizations to base their mitigation strategies based on the likelihood of being fined. This work is binary in compliance measurement only - either the organization is maintaining a compliant standing and will not be fined, or they are in violation and will receive a penalty. + +\begin{equation} + \begin{gathered} + ALE_{n} = \beta_{n} * Noncompliance Penalty + \label{eq:aro-beta} + \end{gathered} +\end{equation} + +Using the modified ALE equation, a process can be defined for obtaining necessary components. The \(\beta\) parameter is obtained from the SEIRDS model parameter derivation, which receives input of a compliance graph and the prior-knowledge network. Figure \ref{fig:obj1} shows the flow diagram of computing risk assessment with ALE given a compliance graph and its input files, operating on the SEIRDS model parameters. + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/Obj1.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Risk Assessment Using Epidemiology Modeling]{Risk Assessment Using Epidemiology Modeling. Display of the risk assessment process. Using a compliance graph and its input files, the parameters and compartments can be derived for a SEIRDS model as discussed in Section \ref{sec:ep-modeling}. Using the produced multi-strain epidemic curves, Annualized Loss Expectancy can be used to quantify the costs of compliance or regulation mandate violations.} + \label{fig:obj1} +\end{figure} + +\subsection{Results and Analysis} \label{sec:ra-res} +For each example network presented in Chapter \ref{ch:example-networks}, ALE was computed for all possible violations. To display the results, bar graphs were used to highlight the magnitudes of expected losses incurred from an event of noncompliance. This display allows for a simplistic view of violations that are expected to yield unfavorable penalties, as well as those that may yield little to no penalties. The bar graphs were plotted in terms of both monetary and time penalties. Figures \ref{fig:car-ale-mon} and \ref{fig:car-ale-t} present the results for the Automobile Maintenance Network (Section \ref{sec:Automotive}) for its monetary and time expected losses, respectively. Figures \ref{fig:hip-ale-mon} and \ref{fig:hip-ale-t} present the results for the HIPAA Network (Section \ref{sec:Healthcare}) for its monetary and time expected losses, respectively. Figures \ref{fig:osha-ale-mon} and \ref{fig:osha-ale-t} present the results for the OSHA 1910H Network (Section \ref{sec:OSHA}) for its monetary and time expected losses, respectively. + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/car-ale-mon.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Annualized Monetary Loss Expectancies for the Automobile Maintenance Network]{Annualized Monetary Loss Expectancies for the Automobile Maintenance Network. + Bar graph representation of the expected monetary losses across all violations for the automobile maintenance network per year. Each loss is computed through the modified ALE equation presented in Equation \ref{eq:aro-beta}. Numerous violations have no expected losses due to the lack of presence of violation in the input compliance graph, or due to successful mitigation strategies. This is a favorable result, as it allows for provable visuals that current mitigation strategies are successful in preventing any penalties for a particular mandate, or that there is no current risk of noncompliance penalties for the possible violation.} + \label{fig:car-ale-mon} +\end{figure} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/car-ale-t.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Annualized Time Loss Expectancies for the Automobile Maintenance Network]{Annualized Time Loss Expectancies for the Automobile Maintenance Network. + Bar graph representation of the expected time losses across all violations for the automobile maintenance network per year. Each loss is computed through the modified ALE equation presented in Equation \ref{eq:aro-beta}. Numerous violations have no expected losses due to the lack of presence of violation in the input compliance graph, or due to successful mitigation strategies. This is a favorable result, as it allows for provable visuals that current mitigation strategies are successful in preventing any penalties for a particular mandate, or that there is no current risk of noncompliance penalties for the possible violation. However, of the possible violation occurrences, the expected losses are of low magnitude due to the availability of ride-sharing or rental cars that was built into the monetary cost model.} + \label{fig:car-ale-t} +\end{figure} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/hip-ale-mon.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Annualized Monetary Loss Expectancies for the HIPAA Network]{Annualized Monetary Loss Expectancies for the HIPAA Network. + Bar graph representation of the expected monetary losses across all violations for the HIPAA network per year. Each loss is computed through the modified ALE equation presented in Equation \ref{eq:aro-beta}. Numerous violations have no expected losses due to the lack of presence of violation in the input compliance graph, or due to successful mitigation strategies. This is a favorable result, as it allows for provable visuals that current mitigation strategies are successful in preventing any penalties for a particular mandate, or that there is no current risk of noncompliance penalties for the possible violation.} + \label{fig:hip-ale-mon} +\end{figure} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/hip-ale-t.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Annualized Time Loss Expectancies for the HIPAA Network]{Annualized Time Loss Expectancies for the HIPAA Network. + Bar graph representation of the expected time losses across all violations for the HIPAA network per year. Each loss is computed through the modified ALE equation presented in Equation \ref{eq:aro-beta}. Numerous violations have no expected losses due to the lack of presence of violation in the input compliance graph, or due to successful mitigation strategies. This is a favorable result, as it allows for provable visuals that current mitigation strategies are successful in preventing any penalties for a particular mandate, or that there is no current risk of noncompliance penalties for the possible violation. However, of the possible violation occurrences, the expected losses are of low magnitude due to the lack of closure or shutdown penalty data.} + \label{fig:hip-ale-t} +\end{figure} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/osha-ale-mon.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Annualized Monetary Loss Expectancies for the OSHA 1910H Network]{Annualized Monetary Loss Expectancies for the OSHA 1910H Network. + Bar graph representation of the expected monetary losses across all violations for the OSHA 1910H network per year. Each loss is computed through the modified ALE equation presented in Equation \ref{eq:aro-beta}. Numerous violations have no expected losses due to the lack of presence of violation in the input compliance graph, or due to successful mitigation strategies. This is a favorable result, as it allows for provable visuals that current mitigation strategies are successful in preventing any penalties for a particular mandate, or that there is no current risk of noncompliance penalties for the possible violation.} + \label{fig:osha-ale-mon} +\end{figure} + +\begin{figure}[htp] + \includegraphics[width=\linewidth]{"./images/osha-ale-t.png"} + \centering + \vspace{.2truein} \centerline{} + \caption[Annualized Time Loss Expectancies for the OSHA 1910H Network]{Annualized Time Loss Expectancies for the OSHA 1910H Network. + Bar graph representation of the expected time losses across all violations for the OSHA 1910H network per year. Each loss is computed through the modified ALE equation presented in Equation \ref{eq:aro-beta}. Numerous violations have no expected losses due to the lack of presence of violation in the input compliance graph, or due to successful mitigation strategies. This is a favorable result, as it allows for provable visuals that current mitigation strategies are successful in preventing any penalties for a particular mandate, or that there is no current risk of noncompliance penalties for the possible violation. However, of the possible violation occurrences, the expected losses are of low magnitude due to the lack of closure or shutdown penalty data.} + \label{fig:osha-ale-t} +\end{figure} + +There are a few notable points of interest in each of these Figures. ALE was computed for all possible violations, and no filtering or post-processing was performed. Due to this, numerous violations list no expected losses. Though these violations were set as possibilities in the analysis methods, since there were no occurrences of noncompliance in the input compliance graph, the \(\beta\) parameter was derived to be 0, and the resulting ALE was likewise 0. This is a favorable result, as it allows for provable visuals that current mitigation strategies are successful in preventing any penalties for a particular mandate. + +In all Figures that presented expected time losses, magnitudes are relatively low. This is due to the input of prior-knowledge networks for each example network. For all problem spaces, identifying monetary penalties was made easier due to public availability of data. However, data describing time losses due to temporary shutdowns or closures was not readily available. Rather than estimate data, create data, or insert bias, time losses were generally not present in the prior-knowledge networks. For the Automobile Maintenance network, time losses were available due to the expected time of repair, but these losses tended to be overshadowed by monetary losses. Even in instances where repairs were lengthy, costs of public transportation or ride-sharing were built into monetary losses, rather than time losses; individuals were more likely to drop a vehicle off for repair with a return at a later date for pickup. Given more data regarding time losses, these Figures could be expected to see greater variances in magnitude. + +\subsection{Validation} \label{sec:ale-valid} +In order to validate ALE, the following characteristics were examined, and test cases were created to compare against expected behavior. The results of these tests are not included in this work, since the test results were a boolean ``pass" or ``fail". If a failed test was encountered, the validation process failed, and the methodology was flawed and in need of correction. For the work presented, each test returned a successful outcome. +\begin{itemize} + \item The \(\beta\) parameter for all violations is greater than or equal to 0.0. + \item The \(\beta\) parameter for all violations for a single time step is less than or equal to 1.0. + \item If the \(\beta\) parameter for any violation when substituted for ARO is greater than 1, then at least two edges are present in the compliance graph when the compliance graph is split into a subgraph across one year. + \item All ALE values are greater than or equal to 0.0. + \item If the \(\beta\) parameter for a violation is greater than or equal to 0, and is less than or equal to 1, then the resulting ALE does not exceed the costs present for that violation in the prior-knowledge network. + \item If the \(\beta\) parameter for a violation is greater than 1, then the resulting ALE does exceed the costs present for that violation in the prior-knowledge network. + \item The resulting bar graphs for displaying ALE have an equal number of bars to the number of total possible violations for the example network. +\end{itemize} + +\section{Future Works} + +\section{Conclusions} +This work presented and implemented a SEIRDS epidemiology model used for analyzing the trends (and expected trends) of a compliance graph. This model is able to compartmentalize a compliance graph into five unique and related sets of populations. This model also functions with a variety of tunable, customizable parameters that assist in the analysis of the spread of violations in an environment. These parameters are intended to be used alongside any user-provided data, such as the maintenance or replacement schedules or the expected lifespans of components. Each example compliance graph presented in Chapter \ref{ch:example-networks} was analyzed using this model. The results were validated as part of the validation process shown in Section \ref{sec:ep-valid}. The results presented in Section \ref{sec:ep-res} display notable visualizations about the analysis process. The methodology of this work is able to uncover valuable information regarding the compliance standing of an environment, such as the effectiveness of any mitigation, correction, or prevention strategies, and the exposure to and spread of violations. Additionally, this work allows for the testing and experimentation of mitigation strategies to provide quantifiable results as to the successes or failures of any alterations, removals, or additions toward maintaining compliance. This approach is shown to be successful in all three unique example compliance graphs, and boasts the ability to be modified or fine-tuned given additional data inputs. + +In addition, this work presented an approach for risk assessment through a modified Annualized Loss Expectancy (ALE) computation. This technique allows for analysis on a complex environment without the need for estimation regarding rate of occurrence that may otherwise be difficult or impossible to obtain. The results as shown in Section \ref{sec:ra-res} were presented in the form of bar graphs that display the expected losses for each resource across all examined violations. The results were validated as part of the validation process shown in Section \ref{sec:ale-valid}, and demonstrate that this approach is functional even when no noncompliance instances are observed. + + + + + +\addcontentsline{toc}{section}{Bibliography} +\bibliography{Bibliography} +\bibliographystyle{ieeetr} + +\end{document} \ No newline at end of file diff --git a/build.sh b/build.sh new file mode 100755 index 0000000..2dd5f32 --- /dev/null +++ b/build.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +bibtex ./output/Schrick-Noah_CG-Ep-Modeling +pdflatex -output-directory=./output Schrick-Noah_CG-Ep-Modeling.tex \ No newline at end of file diff --git a/images/CG-Timestepped.png b/images/CG-Timestepped.png new file mode 100644 index 0000000..c2e0af7 Binary files /dev/null and b/images/CG-Timestepped.png differ diff --git a/images/Obj1.png b/images/Obj1.png new file mode 100644 index 0000000..30b7139 Binary files /dev/null and b/images/Obj1.png differ diff --git a/images/Obj2.png b/images/Obj2.png new file mode 100644 index 0000000..ceaa061 Binary files /dev/null and b/images/Obj2.png differ diff --git a/images/Obj5.png b/images/Obj5.png new file mode 100644 index 0000000..beea9a2 Binary files /dev/null and b/images/Obj5.png differ diff --git a/images/car-ale-mon.png b/images/car-ale-mon.png new file mode 100644 index 0000000..8396cf8 Binary files /dev/null and b/images/car-ale-mon.png differ diff --git a/images/car-ale-t.png b/images/car-ale-t.png new file mode 100644 index 0000000..95afae5 Binary files /dev/null and b/images/car-ale-t.png differ diff --git a/images/drive_belt.png b/images/drive_belt.png new file mode 100644 index 0000000..b5825a0 Binary files /dev/null and b/images/drive_belt.png differ diff --git a/images/hip-ale-mon.png b/images/hip-ale-mon.png new file mode 100644 index 0000000..02a1cd9 Binary files /dev/null and b/images/hip-ale-mon.png differ diff --git a/images/hip-ale-t.png b/images/hip-ale-t.png new file mode 100644 index 0000000..3d7e80f Binary files /dev/null and b/images/hip-ale-t.png differ diff --git a/images/model-flow.drawio.png b/images/model-flow.drawio.png new file mode 100644 index 0000000..24c4210 Binary files /dev/null and b/images/model-flow.drawio.png differ diff --git a/images/model-flow.png b/images/model-flow.png new file mode 100644 index 0000000..c567671 Binary files /dev/null and b/images/model-flow.png differ diff --git a/images/oil_change.png b/images/oil_change.png new file mode 100644 index 0000000..6204650 Binary files /dev/null and b/images/oil_change.png differ diff --git a/images/osha-ale-mon.png b/images/osha-ale-mon.png new file mode 100644 index 0000000..a489fc9 Binary files /dev/null and b/images/osha-ale-mon.png differ diff --git a/images/osha-ale-t.png b/images/osha-ale-t.png new file mode 100644 index 0000000..3624cb5 Binary files /dev/null and b/images/osha-ale-t.png differ diff --git a/images/osha-ep-nothing.png b/images/osha-ep-nothing.png new file mode 100644 index 0000000..7b3de49 Binary files /dev/null and b/images/osha-ep-nothing.png differ diff --git a/images/osha_end.png b/images/osha_end.png new file mode 100644 index 0000000..0d0a51e Binary files /dev/null and b/images/osha_end.png differ diff --git a/images/prog-flow.drawio.png b/images/prog-flow.drawio.png new file mode 100644 index 0000000..341cb95 Binary files /dev/null and b/images/prog-flow.drawio.png differ diff --git a/images/sec_asses.png b/images/sec_asses.png new file mode 100644 index 0000000..4e43cae Binary files /dev/null and b/images/sec_asses.png differ diff --git a/images/unknown_infec_rate.png b/images/unknown_infec_rate.png new file mode 100644 index 0000000..91bc089 Binary files /dev/null and b/images/unknown_infec_rate.png differ diff --git a/output/Schrick-Noah_CG-Ep-Modeling.aux b/output/Schrick-Noah_CG-Ep-Modeling.aux new file mode 100644 index 0000000..f9b1ca1 --- /dev/null +++ b/output/Schrick-Noah_CG-Ep-Modeling.aux @@ -0,0 +1,120 @@ +\relax +\providecommand\babel@aux[2]{} +\@nameuse{bbl@beforestart} +\citation{9914620} +\citation{9929470} +\citation{9628991} +\citation{9630798} +\citation{6414589} +\citation{8228672} +\citation{9678822} +\citation{5455187} +\citation{10227113} +\citation{9457692} +\citation{9856356} +\citation{9450250} +\providecommand \oddpage@label [2]{} +\babel@aux{nil}{} +\@writefile{toc}{\contentsline {section}{\numberline {I}Introduction}{1}{}\protected@file@percent } +\@writefile{toc}{\contentsline {section}{\numberline {II}Related Works}{1}{}\protected@file@percent } +\newlabel{sec:ep-intro}{{II}{1}{}{}{}} +\@writefile{toc}{\contentsline {section}{\numberline {III}Approach to Multi-Strain Epidemiology Modeling}{1}{}\protected@file@percent } +\newlabel{sec:ep-modeling}{{III}{1}{}{}{}} +\citation{9593147} +\citation{Lou2021} +\citation{10.1371/journal.pone.0257512} +\citation{alaya2022mathematical} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {III-A}}Alternative Model Details}{2}{}\protected@file@percent } +\newlabel{sec:Model-Choice}{{\mbox {III-A}}{2}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {III-B}}SEIRDS Model}{2}{}\protected@file@percent } +\newlabel{sec:SEIRDS-model}{{\mbox {III-B}}{2}{}{}{}} +\citation{NetworkX} +\@writefile{lot}{\contentsline {table}{\numberline {I}{\ignorespaces Compartment Descriptors for Compliance Graphs}}{3}{}\protected@file@percent } +\newlabel{table:model-context}{{I}{3}{}{}{}} +\@writefile{lot}{\contentsline {table}{\numberline {II}{\ignorespaces Parameter Descriptors for Compliance Graphs}}{3}{}\protected@file@percent } +\newlabel{table:model-params}{{II}{3}{}{}{}} +\newlabel{eq:seirds}{{1}{3}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {1}{\ignorespaces SEIRDS Epidemiology Model}}{3}{}\protected@file@percent } +\newlabel{fig:SEIRDS-block}{{1}{3}{}{}{}} +\@writefile{lot}{\contentsline {table}{\numberline {III}{\ignorespaces Multi-Strain Variable Descriptors for Compliance Graphs}}{3}{}\protected@file@percent } +\newlabel{table:multi-strain-context}{{III}{3}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {III-C}}Implementation Details}{3}{}\protected@file@percent } +\newlabel{sec:ep-model-simplify}{{\mbox {III-C}}{3}{}{}{}} +\newlabel{eq:param-defs}{{2}{4}{}{}{}} +\newlabel{alg:ep-compart}{{1}{4}{}{}{}} +\@writefile{loa}{\contentsline {algocf}{\numberline {1}{\ignorespaces SEIRDS Model compartmentalization and Parameter Derivation}}{4}{}\protected@file@percent } +\newlabel{eq:recovery-param}{{3}{4}{}{}{}} +\citation{reticulate} +\citation{pracma} +\newlabel{eq:known_ft}{{4}{5}{}{}{}} +\newlabel{eq:unknown_ft}{{5}{5}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {2}{\ignorespaces Infection Rate Parameter as a Function of Time for Components with an Unknown Lifespan}}{5}{}\protected@file@percent } +\newlabel{fig:unknown-infec-rate}{{2}{5}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {III-D}}Results and Analysis}{5}{}\protected@file@percent } +\newlabel{sec:ep-res}{{\mbox {III-D}}{5}{}{}{}} +\newlabel{alg:ep-process}{{2}{6}{}{}{}} +\@writefile{loa}{\contentsline {algocf}{\numberline {2}{\ignorespaces Producing Epidemic Curves for all Possible Violations in a Compliance Graph}}{6}{}\protected@file@percent } +\@writefile{lof}{\contentsline {figure}{\numberline {3}{\ignorespaces Epidemic Curve for the Automobile Maintenance Network's Oil Change Violation}}{6}{}\protected@file@percent } +\newlabel{fig:car-ep-oil}{{3}{6}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {III-E}}Validation}{6}{}\protected@file@percent } +\newlabel{sec:ep-valid}{{\mbox {III-E}}{6}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {4}{\ignorespaces Epidemic Curve for the Automobile Maintenance Network's Drive Belt Violation}}{7}{}\protected@file@percent } +\newlabel{fig:car-ep-drivebelt}{{4}{7}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {5}{\ignorespaces Epidemic Curve for the HIPAA Network's Security Assessment Violation}}{7}{}\protected@file@percent } +\newlabel{fig:hip-ep-bad}{{5}{7}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {6}{\ignorespaces Epidemic Curve for the OSHA 1910H Network's Violation}}{7}{}\protected@file@percent } +\newlabel{fig:osha_end_maint}{{6}{7}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {7}{\ignorespaces Epidemic Curve for the OSHA 1910H Network's Inventory Violation}}{7}{}\protected@file@percent } +\newlabel{fig:osha-ep-nothing}{{7}{7}{}{}{}} +\citation{RA} +\@writefile{toc}{\contentsline {section}{\numberline {IV}Risk Assessment}{8}{}\protected@file@percent } +\newlabel{sec:risk-assessment}{{IV}{8}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-A}}Implementation Details}{8}{}\protected@file@percent } +\newlabel{sec:ra-imp}{{\mbox {IV-A}}{8}{}{}{}} +\newlabel{eq:ALE}{{6}{8}{}{}{}} +\newlabel{eq:aro-beta}{{7}{8}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-B}}Results and Analysis}{8}{}\protected@file@percent } +\newlabel{sec:ra-res}{{\mbox {IV-B}}{8}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {8}{\ignorespaces Risk Assessment Using Epidemiology Modeling}}{9}{}\protected@file@percent } +\newlabel{fig:obj1}{{8}{9}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {9}{\ignorespaces Annualized Monetary Loss Expectancies for the Automobile Maintenance Network}}{9}{}\protected@file@percent } +\newlabel{fig:car-ale-mon}{{9}{9}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {10}{\ignorespaces Annualized Time Loss Expectancies for the Automobile Maintenance Network}}{9}{}\protected@file@percent } +\newlabel{fig:car-ale-t}{{10}{9}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {11}{\ignorespaces Annualized Monetary Loss Expectancies for the HIPAA Network}}{9}{}\protected@file@percent } +\newlabel{fig:hip-ale-mon}{{11}{9}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {12}{\ignorespaces Annualized Time Loss Expectancies for the HIPAA Network}}{10}{}\protected@file@percent } +\newlabel{fig:hip-ale-t}{{12}{10}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {13}{\ignorespaces Annualized Monetary Loss Expectancies for the OSHA 1910H Network}}{10}{}\protected@file@percent } +\newlabel{fig:osha-ale-mon}{{13}{10}{}{}{}} +\@writefile{lof}{\contentsline {figure}{\numberline {14}{\ignorespaces Annualized Time Loss Expectancies for the OSHA 1910H Network}}{10}{}\protected@file@percent } +\newlabel{fig:osha-ale-t}{{14}{10}{}{}{}} +\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {IV-C}}Validation}{10}{}\protected@file@percent } +\newlabel{sec:ale-valid}{{\mbox {IV-C}}{10}{}{}{}} +\bibdata{Bibliography} +\bibcite{9914620}{1} +\bibcite{9929470}{2} +\bibcite{9628991}{3} +\bibcite{9630798}{4} +\bibcite{6414589}{5} +\bibcite{8228672}{6} +\bibcite{9678822}{7} +\bibcite{5455187}{8} +\bibcite{10227113}{9} +\bibcite{9457692}{10} +\bibcite{9856356}{11} +\bibcite{9450250}{12} +\bibcite{9593147}{13} +\bibcite{Lou2021}{14} +\bibcite{10.1371/journal.pone.0257512}{15} +\@writefile{toc}{\contentsline {section}{\numberline {V}Future Works}{11}{}\protected@file@percent } +\@writefile{toc}{\contentsline {section}{\numberline {VI}Conclusions}{11}{}\protected@file@percent } +\@writefile{toc}{\contentsline {section}{Bibliography}{11}{}\protected@file@percent } +\@writefile{toc}{\contentsline {section}{References}{11}{}\protected@file@percent } +\bibcite{alaya2022mathematical}{16} +\bibcite{NetworkX}{17} +\bibcite{reticulate}{18} +\bibcite{pracma}{19} +\bibcite{RA}{20} +\bibstyle{ieeetr} +\gdef \@abspage@last{12} diff --git a/output/Schrick-Noah_CG-Ep-Modeling.bbl b/output/Schrick-Noah_CG-Ep-Modeling.bbl new file mode 100644 index 0000000..0d867c7 --- /dev/null +++ b/output/Schrick-Noah_CG-Ep-Modeling.bbl @@ -0,0 +1,112 @@ +\begin{thebibliography}{10} + +\bibitem{9914620} +S.~Ahn and M.~Kwon, ``Reproduction factor based latent epidemic model + inference: A data-driven approach using covid-19 datasets,'' {\em IEEE + Journal of Biomedical and Health Informatics}, vol.~27, no.~3, + pp.~1259--1270, 2023. + +\bibitem{9929470} +T.~J. Roy, M.~A. Mahmood, A.~Mohanta, and D.~Roy, ``An analytical approach to + predict the covid-19 death rate in bangladesh utilizing multiple regression + and seir model,'' in {\em 2021 IEEE International Conference on Robotics, + Automation, Artificial-Intelligence and Internet-of-Things (RAAICON)}, + pp.~42--45, 2021. + +\bibitem{9628991} +D.~Chumachenko, K.~Bazilevych, I.~Meniailov, S.~Yakovlev, and T.~Chumachenko, + ``Simulation of covid-19 dynamics using ridge regression,'' in {\em 2021 IEEE + 4th International Conference on Advanced Information and Communication + Technologies (AICT)}, pp.~163--166, 2021. + +\bibitem{9630798} +S.~Zhang and H.~Yang, ``Spatial modeling and analysis of human traffic and + infectious virus spread in community networks,'' in {\em 2021 43rd Annual + International Conference of the IEEE Engineering in Medicine \& Biology + Society (EMBC)}, pp.~2286--2289, 2021. + +\bibitem{6414589} +H.~Kim and R.~Anderson, ``An experimental evaluation of robustness of + networks,'' {\em IEEE Systems Journal}, vol.~7, no.~2, pp.~179--188, 2013. + +\bibitem{8228672} +R.~Mitchell, ``Epidemic-resistant configurations for intrusion detection + systems,'' in {\em 2017 IEEE Conference on Communications and Network + Security (CNS)}, pp.~487--494, 2017. + +\bibitem{9678822} +N.~Dakhno, O.~Leshchenko, Y.~Kravchenko, A.~Dudnik, O.~Trush, and + V.~Khankishiev, ``Dynamic model of the spread of viruses in a computer + network using differential equations,'' in {\em 2021 IEEE 3rd International + Conference on Advanced Trends in Information Theory (ATIT)}, pp.~111--115, + 2021. + +\bibitem{5455187} +B.~Shan, ``The spread of malware on the wifi network: Epidemiology model and + behaviour evaluation,'' in {\em 2009 First International Conference on + Information Science and Engineering}, pp.~1916--1918, 2009. + +\bibitem{10227113} +Y.~Tang and R.~A. Williams, ``Investigating relationship conflict within the + social network of large is projects using a sir model,'' in {\em 2022 IEEE + International Symposium on Technology and Society (ISTAS)}, vol.~1, pp.~1--5, + 2022. + +\bibitem{9457692} +M.~A. Parwez, M.~Abulaish, and J.~Jahiruddin, ``A social media time-series data + analytics approach for digital epidemiology,'' in {\em 2020 IEEE/WIC/ACM + International Joint Conference on Web Intelligence and Intelligent Agent + Technology (WI-IAT)}, pp.~852--859, 2020. + +\bibitem{9856356} +D.~Mathebula, ``Novel data-based model for future epidemiology,'' in {\em 2022 + International Conference on Artificial Intelligence, Big Data, Computing and + Data Communication Systems (icABCD)}, pp.~1--6, 2022. + +\bibitem{9450250} +Y.~Wang, K.~N. Plataniotis, J.~Z. Wang, M.~Hou, M.~Zhou, N.~Howard, J.~Peng, + R.~Huang, S.~Patel, and D.~Zhang, ``The cognitive and mathematical + foundations of analytic epidemiology,'' in {\em 2020 IEEE 19th International + Conference on Cognitive Informatics \& Cognitive Computing (ICCI*CC)}, + pp.~6--14, 2020. + +\bibitem{9593147} +D.~Fedorov, Y.~Tabarak, A.~Dadlani, M.~S. Kumar, and V.~Kizheppatt, ``Dynamics + of multi-strain malware epidemics over duty-cycled wireless sensor + networks,'' in {\em 2021 International Balkan Conference on Communications + and Networking (BalkanCom)}, pp.~1--5, 2021. + +\bibitem{Lou2021} +Y.~Lou and R.~B. Salako, ``Control strategies for a multi-strain epidemic + model,'' {\em Bulletin of Mathematical Biology}, vol.~84, p.~10, Nov 2021. + +\bibitem{10.1371/journal.pone.0257512} +E.~F. Arruda, S.~S. Das, C.~M. Dias, and D.~H. Pastore, ``Modelling and optimal + control of multi strain epidemics, with application to covid-19,'' {\em Plos + One}, vol.~16, pp.~1--18, 09 2021. + +\bibitem{alaya2022mathematical} +M.~B. Alaya, W.~B. Aribi, and S.~B. Miled, ``Mathematical analysis of a delayed + seirds epidemics models: Deterministic and stochastic approach,'' 2022. +\newblock arXiv:2208.07690. + +\bibitem{NetworkX} +A.~Hagberg, P.~J. Swart, and D.~A. Schult, ``Exploring network structure, + dynamics, and function using networkx,'' +\newblock {Available: https://www.osti.gov/biblio/960616}. + +\bibitem{reticulate} +K.~Ushey, J.~Allaire, and Y.~Tang, {\em Reticulate: Interface to 'Python'}, + 2023. +\newblock {R package version 1.28. Available: + https://CRAN.R-project.org/package=reticulate}. + +\bibitem{pracma} +H.~W. Borchers, {\em Pracma: Practical Numerical Math Functions}, 2022. +\newblock R package version 2.4.2. + +\bibitem{RA} +M.~Rausand, ``Introduction,'' in {\em Risk Assessment: Theory, Methods, and + Applications}, ch.~1, pp.~1--28, John Wiley \& Sons Inc., 2013. + +\end{thebibliography} diff --git a/output/Schrick-Noah_CG-Ep-Modeling.blg b/output/Schrick-Noah_CG-Ep-Modeling.blg new file mode 100644 index 0000000..149710f --- /dev/null +++ b/output/Schrick-Noah_CG-Ep-Modeling.blg @@ -0,0 +1,57 @@ +This is BibTeX, Version 0.99d (TeX Live 2024/Arch Linux) +Capacity: max_strings=200000, hash_size=200000, hash_prime=170003 +The top-level auxiliary file: ./output/Schrick-Noah_CG-Ep-Modeling.aux +The style file: ieeetr.bst +Database file #1: Bibliography.bib +You're missing a field part---line 390 of file Bibliography.bib + : number = + : , +I'm skipping whatever remains of this entry +Repeated entry---line 1768 of file Bibliography.bib + : @manual{pracma + : , +I'm skipping whatever remains of this entry +Warning--empty journal in NetworkX +Warning--empty year in NetworkX +You've used 20 entries, + 1876 wiz_defined-function locations, + 591 strings with 7778 characters, +and the built_in function-call counts, 5724 in all, are: += -- 524 +> -- 218 +< -- 0 ++ -- 81 +- -- 61 +* -- 382 +:= -- 776 +add.period$ -- 23 +call.type$ -- 20 +change.case$ -- 18 +chr.to.int$ -- 0 +cite$ -- 22 +duplicate$ -- 319 +empty$ -- 593 +format.name$ -- 61 +if$ -- 1439 +int.to.chr$ -- 0 +int.to.str$ -- 20 +missing$ -- 17 +newline$ -- 67 +num.names$ -- 20 +pop$ -- 105 +preamble$ -- 1 +purify$ -- 0 +quote$ -- 0 +skip$ -- 216 +stack$ -- 0 +substring$ -- 353 +swap$ -- 124 +text.length$ -- 0 +text.prefix$ -- 0 +top$ -- 0 +type$ -- 0 +warning$ -- 2 +while$ -- 51 +width$ -- 22 +write$ -- 189 +(There were 2 error messages) diff --git a/output/Schrick-Noah_CG-Ep-Modeling.log b/output/Schrick-Noah_CG-Ep-Modeling.log new file mode 100644 index 0000000..6dd33bd --- /dev/null +++ b/output/Schrick-Noah_CG-Ep-Modeling.log @@ -0,0 +1,748 @@ +This is pdfTeX, Version 3.141592653-2.6-1.40.26 (TeX Live 2024/Arch Linux) (preloaded format=pdflatex 2024.4.16) 19 APR 2024 12:00 +entering extended mode + restricted \write18 enabled. + %&-line parsing enabled. +**Schrick-Noah_CG-Ep-Modeling.tex +(./Schrick-Noah_CG-Ep-Modeling.tex +LaTeX2e <2023-11-01> patch level 1 +L3 programming layer <2024-02-20> +(/usr/share/texmf-dist/tex/latex/ieeetran/IEEEtran.cls +Document Class: IEEEtran 2015/08/26 V1.8b by Michael Shell +-- See the "IEEEtran_HOWTO" manual for usage information. +-- http://www.michaelshell.org/tex/ieeetran/ +\@IEEEtrantmpdimenA=\dimen140 +\@IEEEtrantmpdimenB=\dimen141 +\@IEEEtrantmpdimenC=\dimen142 +\@IEEEtrantmpcountA=\count188 +\@IEEEtrantmpcountB=\count189 +\@IEEEtrantmpcountC=\count190 +\@IEEEtrantmptoksA=\toks17 +LaTeX Font Info: Trying to load font information for OT1+ptm on input line 5 +03. +(/usr/share/texmf-dist/tex/latex/psnfss/ot1ptm.fd +File: ot1ptm.fd 2001/06/04 font definitions for OT1/ptm. +) +-- Using 8.5in x 11in (letter) paper. +-- Using PDF output. +\@IEEEnormalsizeunitybaselineskip=\dimen143 +-- This is a 10 point document. +\CLASSINFOnormalsizebaselineskip=\dimen144 +\CLASSINFOnormalsizeunitybaselineskip=\dimen145 +\IEEEnormaljot=\dimen146 +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <5> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <5> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <7> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <7> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <8> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <8> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <9> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <9> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <10> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <10> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <11> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <11> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <12> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <12> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <17> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <17> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <20> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <20> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +LaTeX Font Info: Font shape `OT1/ptm/bx/n' in size <24> not available +(Font) Font shape `OT1/ptm/b/n' tried instead on input line 1090. +LaTeX Font Info: Font shape `OT1/ptm/bx/it' in size <24> not available +(Font) Font shape `OT1/ptm/b/it' tried instead on input line 1090. + +\IEEEquantizedlength=\dimen147 +\IEEEquantizedlengthdiff=\dimen148 +\IEEEquantizedtextheightdiff=\dimen149 +\IEEEilabelindentA=\dimen150 +\IEEEilabelindentB=\dimen151 +\IEEEilabelindent=\dimen152 +\IEEEelabelindent=\dimen153 +\IEEEdlabelindent=\dimen154 +\IEEElabelindent=\dimen155 +\IEEEiednormlabelsep=\dimen156 +\IEEEiedmathlabelsep=\dimen157 +\IEEEiedtopsep=\skip48 +\c@section=\count191 +\c@subsection=\count192 +\c@subsubsection=\count193 +\c@paragraph=\count194 +\c@IEEEsubequation=\count195 +\abovecaptionskip=\skip49 +\belowcaptionskip=\skip50 +\c@figure=\count196 +\c@table=\count197 +\@IEEEeqnnumcols=\count198 +\@IEEEeqncolcnt=\count199 +\@IEEEsubeqnnumrollback=\count266 +\@IEEEquantizeheightA=\dimen158 +\@IEEEquantizeheightB=\dimen159 +\@IEEEquantizeheightC=\dimen160 +\@IEEEquantizeprevdepth=\dimen161 +\@IEEEquantizemultiple=\count267 +\@IEEEquantizeboxA=\box51 +\@IEEEtmpitemindent=\dimen162 +\IEEEPARstartletwidth=\dimen163 +\c@IEEEbiography=\count268 +\@IEEEtranrubishbin=\box52 +) (/usr/share/texmf-dist/tex/latex/setspace/setspace.sty +Package: setspace 2022/12/04 v6.7b set line spacing +) +(/usr/share/texmf-dist/tex/latex/graphics/graphicx.sty +Package: graphicx 2021/09/16 v1.2d Enhanced LaTeX Graphics (DPC,SPQR) + +(/usr/share/texmf-dist/tex/latex/graphics/keyval.sty +Package: keyval 2022/05/29 v1.15 key=value parser (DPC) +\KV@toks@=\toks18 +) +(/usr/share/texmf-dist/tex/latex/graphics/graphics.sty +Package: graphics 2022/03/10 v1.4e Standard LaTeX Graphics (DPC,SPQR) + +(/usr/share/texmf-dist/tex/latex/graphics/trig.sty +Package: trig 2021/08/11 v1.11 sin cos tan (DPC) +) +(/usr/share/texmf-dist/tex/latex/graphics-cfg/graphics.cfg +File: graphics.cfg 2016/06/04 v1.11 sample graphics configuration +) +Package graphics Info: Driver file: pdftex.def on input line 107. + +(/usr/share/texmf-dist/tex/latex/graphics-def/pdftex.def +File: pdftex.def 2022/09/22 v1.2b Graphics/color driver for pdftex +)) +\Gin@req@height=\dimen164 +\Gin@req@width=\dimen165 +) +(/usr/share/texmf-dist/tex/latex/float/float.sty +Package: float 2001/11/08 v1.3d Float enhancements (AL) +\c@float@type=\count269 +\float@exts=\toks19 +\float@box=\box53 +\@float@everytoks=\toks20 +\@floatcapt=\box54 +) +\@float@every@table=\toks21 + +(/usr/share/texmf-dist/tex/generic/iftex/ifpdf.sty +Package: ifpdf 2019/10/25 v3.4 ifpdf legacy package. Use iftex instead. + +(/usr/share/texmf-dist/tex/generic/iftex/iftex.sty +Package: iftex 2022/02/03 v1.0f TeX engine tests +)) +(/usr/share/texmf-dist/tex/generic/babel/babel.sty +Package: babel 2024/02/07 v24.2 The Babel package +\babel@savecnt=\count270 +\U@D=\dimen166 +\l@unhyphenated=\language5 + +(/usr/share/texmf-dist/tex/generic/babel/txtbabel.def) +\bbl@readstream=\read2 +\bbl@dirlevel=\count271 +Package babel Info: You haven't specified a language as a class or package +(babel) option. I'll load 'nil'. Reported on input line 4258. + +(/usr/share/texmf-dist/tex/generic/babel/nil.ldf +Language: nil 2024/02/07 v24.2 Nil language +\l@nil=\language6 +)) +(/usr/share/texmf-dist/tex/latex/doublestroke/dsfont.sty +Package: dsfont 1995/08/01 v0.1 Double stroke roman fonts +) +(/usr/share/texmf-dist/tex/latex/base/inputenc.sty +Package: inputenc 2021/02/14 v1.3d Input encoding file +\inpenc@prehook=\toks22 +\inpenc@posthook=\toks23 +) +(/usr/share/texmf-dist/tex/latex/tools/indentfirst.sty +Package: indentfirst 2023/07/02 v1.03 Indent first paragraph (DPC) +) +(/usr/share/texmf-dist/tex/latex/tocloft/tocloft.sty +Package: tocloft 2017/08/31 v2.3i parameterised ToC, etc., typesetting +Package tocloft Info: The document has section divisions on input line 51. +\cftparskip=\skip51 +\cftbeforetoctitleskip=\skip52 +\cftaftertoctitleskip=\skip53 +\cftbeforesecskip=\skip54 +\cftsecindent=\skip55 +\cftsecnumwidth=\skip56 +\cftbeforesubsecskip=\skip57 +\cftsubsecindent=\skip58 +\cftsubsecnumwidth=\skip59 +\cftbeforesubsubsecskip=\skip60 +\cftsubsubsecindent=\skip61 +\cftsubsubsecnumwidth=\skip62 +\cftbeforeparaskip=\skip63 +\cftparaindent=\skip64 +\cftparanumwidth=\skip65 +\cftbeforesubparaskip=\skip66 +\cftsubparaindent=\skip67 +\cftsubparanumwidth=\skip68 +\cftbeforeloftitleskip=\skip69 +\cftafterloftitleskip=\skip70 +\cftbeforefigskip=\skip71 +\cftfigindent=\skip72 +\cftfignumwidth=\skip73 +\c@lofdepth=\count272 +\c@lotdepth=\count273 +\cftbeforelottitleskip=\skip74 +\cftafterlottitleskip=\skip75 +\cftbeforetabskip=\skip76 +\cfttabindent=\skip77 +\cfttabnumwidth=\skip78 +) +(/usr/share/texmf-dist/tex/latex/amsmath/amsmath.sty +Package: amsmath 2023/05/13 v2.17o AMS math features +\@mathmargin=\skip79 + +For additional information on amsmath, use the `?' option. +(/usr/share/texmf-dist/tex/latex/amsmath/amstext.sty +Package: amstext 2021/08/26 v2.01 AMS text + +(/usr/share/texmf-dist/tex/latex/amsmath/amsgen.sty +File: amsgen.sty 1999/11/30 v2.0 generic functions +\@emptytoks=\toks24 +\ex@=\dimen167 +)) +(/usr/share/texmf-dist/tex/latex/amsmath/amsbsy.sty +Package: amsbsy 1999/11/29 v1.2d Bold Symbols +\pmbraise@=\dimen168 +) +(/usr/share/texmf-dist/tex/latex/amsmath/amsopn.sty +Package: amsopn 2022/04/08 v2.04 operator names +) +\inf@bad=\count274 +LaTeX Info: Redefining \frac on input line 234. +\uproot@=\count275 +\leftroot@=\count276 +LaTeX Info: Redefining \overline on input line 399. +LaTeX Info: Redefining \colon on input line 410. +\classnum@=\count277 +\DOTSCASE@=\count278 +LaTeX Info: Redefining \ldots on input line 496. +LaTeX Info: Redefining \dots on input line 499. +LaTeX Info: Redefining \cdots on input line 620. +\Mathstrutbox@=\box55 +\strutbox@=\box56 +LaTeX Info: Redefining \big on input line 722. +LaTeX Info: Redefining \Big on input line 723. +LaTeX Info: Redefining \bigg on input line 724. +LaTeX Info: Redefining \Bigg on input line 725. +\big@size=\dimen169 +LaTeX Font Info: Redeclaring font encoding OML on input line 743. +LaTeX Font Info: Redeclaring font encoding OMS on input line 744. +\macc@depth=\count279 +LaTeX Info: Redefining \bmod on input line 905. +LaTeX Info: Redefining \pmod on input line 910. +LaTeX Info: Redefining \smash on input line 940. +LaTeX Info: Redefining \relbar on input line 970. +LaTeX Info: Redefining \Relbar on input line 971. +\c@MaxMatrixCols=\count280 +\dotsspace@=\muskip16 +\c@parentequation=\count281 +\dspbrk@lvl=\count282 +\tag@help=\toks25 +\row@=\count283 +\column@=\count284 +\maxfields@=\count285 +\andhelp@=\toks26 +\eqnshift@=\dimen170 +\alignsep@=\dimen171 +\tagshift@=\dimen172 +\tagwidth@=\dimen173 +\totwidth@=\dimen174 +\lineht@=\dimen175 +\@envbody=\toks27 +\multlinegap=\skip80 +\multlinetaggap=\skip81 +\mathdisplay@stack=\toks28 +LaTeX Info: Redefining \[ on input line 2953. +LaTeX Info: Redefining \] on input line 2954. +) +(/usr/share/texmf-dist/tex/latex/algorithm2e/algorithm2e.sty +Package: algorithm2e 2017/07/18 v5.2 algorithms environments +\c@AlgoLine=\count286 + +(/usr/share/texmf-dist/tex/latex/base/ifthen.sty +Package: ifthen 2022/04/13 v1.1d Standard LaTeX ifthen package (DPC) +) +\algocf@hangindent=\skip82 + +(/usr/share/texmf-dist/tex/latex/ifoddpage/ifoddpage.sty +Package: ifoddpage 2022/10/18 v1.2 Conditionals for odd/even page detection +\c@checkoddpage=\count287 +) +(/usr/share/texmf-dist/tex/latex/tools/xspace.sty +Package: xspace 2014/10/28 v1.13 Space after command names (DPC,MH) +) +(/usr/share/texmf-dist/tex/latex/relsize/relsize.sty +Package: relsize 2013/03/29 ver 4.1 +) +\skiptotal=\skip83 +\skiplinenumber=\skip84 +\skiprule=\skip85 +\skiphlne=\skip86 +\skiptext=\skip87 +\skiplength=\skip88 +\algomargin=\skip89 +\skipalgocfslide=\skip90 +\algowidth=\dimen176 +\inoutsize=\dimen177 +\inoutindent=\dimen178 +\interspacetitleruled=\dimen179 +\interspacealgoruled=\dimen180 +\interspacetitleboxruled=\dimen181 +\algocf@ruledwidth=\skip91 +\algocf@inoutbox=\box57 +\algocf@inputbox=\box58 +\AlCapSkip=\skip92 +\AlCapHSkip=\skip93 +\algoskipindent=\skip94 +\algocf@nlbox=\box59 +\algocf@hangingbox=\box60 +\algocf@untilbox=\box61 +\algocf@skipuntil=\skip95 +\algocf@capbox=\box62 +\algocf@lcaptionbox=\skip96 +\algoheightruledefault=\skip97 +\algoheightrule=\skip98 +\algotitleheightruledefault=\skip99 +\algotitleheightrule=\skip100 +\c@algocfline=\count288 +\c@algocfproc=\count289 +\c@algocf=\count290 +\algocf@algoframe=\box63 +\algocf@algobox=\box64 +) +(/usr/share/texmf-dist/tex/latex/l3backend/l3backend-pdftex.def +File: l3backend-pdftex.def 2024-02-20 L3 backend support: PDF output (pdfTeX) +\l__color_backend_stack_int=\count291 +\l__pdf_internal_box=\box65 +) +(./output/Schrick-Noah_CG-Ep-Modeling.aux) +\openout1 = `Schrick-Noah_CG-Ep-Modeling.aux'. + +LaTeX Font Info: Checking defaults for OML/cmm/m/it on input line 27. +LaTeX Font Info: ... okay on input line 27. +LaTeX Font Info: Checking defaults for OMS/cmsy/m/n on input line 27. +LaTeX Font Info: ... okay on input line 27. +LaTeX Font Info: Checking defaults for OT1/cmr/m/n on input line 27. +LaTeX Font Info: ... okay on input line 27. +LaTeX Font Info: Checking defaults for T1/cmr/m/n on input line 27. +LaTeX Font Info: ... okay on input line 27. +LaTeX Font Info: Checking defaults for TS1/cmr/m/n on input line 27. +LaTeX Font Info: ... okay on input line 27. +LaTeX Font Info: Checking defaults for OMX/cmex/m/n on input line 27. +LaTeX Font Info: ... okay on input line 27. +LaTeX Font Info: Checking defaults for U/cmr/m/n on input line 27. +LaTeX Font Info: ... okay on input line 27. + +-- Lines per column: 56 (exact). +(/usr/share/texmf-dist/tex/context/base/mkii/supp-pdf.mkii +[Loading MPS to PDF converter (version 2006.09.02).] +\scratchcounter=\count292 +\scratchdimen=\dimen182 +\scratchbox=\box66 +\nofMPsegments=\count293 +\nofMParguments=\count294 +\everyMPshowfont=\toks29 +\MPscratchCnt=\count295 +\MPscratchDim=\dimen183 +\MPnumerator=\count296 +\makeMPintoPDFobject=\count297 +\everyMPtoPDFconversion=\toks30 +) (/usr/share/texmf-dist/tex/latex/epstopdf-pkg/epstopdf-base.sty +Package: epstopdf-base 2020-01-24 v2.11 Base part for package epstopdf +Package epstopdf-base Info: Redefining graphics rule for `.eps' on input line 4 +85. + +(/usr/share/texmf-dist/tex/latex/latexconfig/epstopdf-sys.cfg +File: epstopdf-sys.cfg 2010/07/13 v1.3 Configuration of (r)epstopdf for TeX Liv +e +)) +Underfull \hbox (badness 10000) in paragraph at lines 58--60 +[]\OT1/ptm/b/it/9 Index Terms\OT1/ptm/b/n/9 ---Compliance Graph; Attack Graph; + [] + +[1{/var/lib/texmf/fonts/map/pdftex/updmap/pdftex.map}{/usr/share/texmf-dist/fon +ts/enc/dvips/base/8r.enc} + + +] +Underfull \hbox (badness 1371) in paragraph at lines 76--77 +\OT1/ptm/m/n/10 systems, the authors of [[]] present a S$\OML/cmm/m/it/10 I[]$$ +I[]$\OT1/ptm/m/n/10 SD model + [] + + +Underfull \hbox (badness 2903) in paragraph at lines 76--77 +\OT1/ptm/m/n/10 (Susceptible, Infected-with-Strain-1, Infected-with-Strain-2, + [] + + +Underfull \hbox (badness 10000) in paragraph at lines 76--77 + + [] + + +Overfull \hbox (41.39592pt too wide) in paragraph at lines 78--89 +[]$[][]$ + [] + + +Underfull \hbox (badness 10000) in paragraph at lines 78--89 + + [] + + +Underfull \hbox (badness 3118) in paragraph at lines 90--91 +[]\OT1/ptm/m/n/10 Fitting compliance graph analysis to an SIS model + [] + + +Underfull \hbox (badness 10000) in paragraph at lines 90--91 + + [] + + +Underfull \hbox (badness 10000) in paragraph at lines 92--103 + + [] + + +Underfull \vbox (badness 6493) has occurred while \output is active [] + + +Underfull \hbox (badness 3281) in paragraph at lines 107--108 +\OT1/ptm/m/n/10 analysis (which has been adapted for the multi-strain + [] + + +LaTeX Warning: No positions in optional float specifier. + Default added (so using `tbp') on input line 109. + + +Overfull \hbox (16.66411pt too wide) in paragraph at lines 112--123 + [][] + [] + + +LaTeX Warning: No positions in optional float specifier. + Default added (so using `tbp') on input line 125. + + +Underfull \hbox (badness 1701) in paragraph at lines 139--139 +\OT1/ptm/m/n/10 Each parameter is contextualized to compliance graphs, + [] + + +Overfull \hbox (9.88812pt too wide) in paragraph at lines 128--141 + [][] + [] + + +Underfull \vbox (badness 10000) has occurred while \output is active [] + + [2] +<./images/model-flow.drawio.png, id=22, 728.7225pt x 281.05pt> +File: ./images/model-flow.drawio.png Graphic file (type png) + +Package pdftex.def Info: ./images/model-flow.drawio.png used on input line 157 +. +(pdftex.def) Requested size: 252.0pt x 97.18964pt. + + +LaTeX Warning: No positions in optional float specifier. + Default added (so using `tbp') on input line 166. + +[3 <./images/model-flow.drawio.png>] + +LaTeX Warning: Reference `ch:example-networks' on page 4 undefined on input lin +e 207. + + +LaTeX Warning: Reference `ch:example-networks' on page 4 undefined on input lin +e 207. + + +Underfull \vbox (badness 10000) has occurred while \output is active [] + + +Overfull \hbox (43.55424pt too wide) detected at line 256 +[][][] + [] + + +LaTeX Warning: Reference `ch:example-networks' on page 4 undefined on input lin +e 258. + + +Underfull \hbox (badness 2150) in paragraph at lines 258--259 +\OT1/ptm/m/n/10 repair, or replacement. For components without a pre- + [] + + +Underfull \vbox (badness 6510) has occurred while \output is active [] + + [4] +Underfull \vbox (badness 10000) has occurred while \output is active [] + +<./images/unknown_infec_rate.png, id=31, 788.19469pt x 640.64343pt> +File: ./images/unknown_infec_rate.png Graphic file (type png) + +Package pdftex.def Info: ./images/unknown_infec_rate.png used on input line 27 +7. +(pdftex.def) Requested size: 252.0pt x 204.82434pt. + [5 <./images/unknown_infec_rate.png>] +Underfull \vbox (badness 5302) has occurred while \output is active [] + +<./images/oil_change.png, id=37, 984.67876pt x 568.1225pt> +File: ./images/oil_change.png Graphic file (type png) + +Package pdftex.def Info: ./images/oil_change.png used on input line 332. +(pdftex.def) Requested size: 252.0pt x 145.39377pt. +<./images/drive_belt.png, id=38, 984.67876pt x 568.1225pt> +File: ./images/drive_belt.png Graphic file (type png) + +Package pdftex.def Info: ./images/drive_belt.png used on input line 341. +(pdftex.def) Requested size: 252.0pt x 145.39377pt. + + +LaTeX Warning: Reference `ch:example-networks' on page 6 undefined on input lin +e 345. + + +LaTeX Warning: Reference `ch:example-networks' on page 6 undefined on input lin +e 345. + +<./images/sec_asses.png, id=39, 984.67876pt x 568.1225pt> +File: ./images/sec_asses.png Graphic file (type png) + +Package pdftex.def Info: ./images/sec_asses.png used on input line 350. +(pdftex.def) Requested size: 252.0pt x 145.39377pt. +<./images/osha_end.png, id=40, 984.67876pt x 568.1225pt> +File: ./images/osha_end.png Graphic file (type png) + +Package pdftex.def Info: ./images/osha_end.png used on input line 358. +(pdftex.def) Requested size: 252.0pt x 145.39377pt. +<./images/osha-ep-nothing.png, id=41, 984.67876pt x 568.1225pt> +File: ./images/osha-ep-nothing.png Graphic file (type png) + +Package pdftex.def Info: ./images/osha-ep-nothing.png used on input line 366. +(pdftex.def) Requested size: 252.0pt x 145.39377pt. +[6 <./images/oil_change.png>] [7 <./images/drive_belt.png> <./images/sec_asses. +png> <./images/osha_end.png> <./images/osha-ep-nothing.png>] +Underfull \hbox (badness 4156) in paragraph at lines 381--382 +\OT1/ptm/m/n/10 an increase in either the $\OML/cmm/m/it/10 Exposed$ \OT1/ptm/m +/n/10 or $\OML/cmm/m/it/10 Infected$ + [] + + +Underfull \hbox (badness 4001) in paragraph at lines 383--384 +[]\OT1/ptm/m/n/10 A decrease in the $\OML/cmm/m/it/10 Infected$ \OT1/ptm/m/n/10 + compartment causes + [] + + +Underfull \hbox (badness 1527) in paragraph at lines 383--384 +\OT1/ptm/m/n/10 an increase in either the $\OML/cmm/m/it/10 Recovered$ \OT1/ptm +/m/n/10 or $\OML/cmm/m/it/10 Deceased$ + [] + + +LaTeX Warning: Reference `ch:Intro' on page 8 undefined on input line 396. + + +LaTeX Warning: Reference `ch:rel-works' on page 8 undefined on input line 396. + + +LaTeX Warning: Reference `ch:example-networks' on page 8 undefined on input lin +e 396. + + +Overfull \hbox (59.90427pt too wide) detected at line 404 +[][][] + [] + + +Underfull \hbox (badness 1715) in paragraph at lines 406--407 +[]\OT1/ptm/m/n/10 Included in the presentation of ALE in Equation 6[], + [] + +<./images/Obj1.png, id=56, 816.04875pt x 210.7875pt> +File: ./images/Obj1.png Graphic file (type png) + +Package pdftex.def Info: ./images/Obj1.png used on input line 418. +(pdftex.def) Requested size: 252.0pt x 65.09258pt. + +LaTeX Warning: Reference `ch:example-networks' on page 8 undefined on input lin +e 426. + + +LaTeX Warning: Reference `sec:Automotive' on page 8 undefined on input line 426 +. + + +LaTeX Warning: Reference `sec:Healthcare' on page 8 undefined on input line 426 +. + + +LaTeX Warning: Reference `sec:OSHA' on page 8 undefined on input line 426. + +[8] +<./images/car-ale-mon.png, id=60, 984.67876pt x 568.1225pt> +File: ./images/car-ale-mon.png Graphic file (type png) + +Package pdftex.def Info: ./images/car-ale-mon.png used on input line 429. +(pdftex.def) Requested size: 252.0pt x 145.39377pt. +<./images/car-ale-t.png, id=61, 984.67876pt x 568.1225pt> +File: ./images/car-ale-t.png Graphic file (type png) + +Package pdftex.def Info: ./images/car-ale-t.png used on input line 438. +(pdftex.def) Requested size: 252.0pt x 145.39377pt. +<./images/hip-ale-mon.png, id=62, 984.67876pt x 568.1225pt> +File: ./images/hip-ale-mon.png Graphic file (type png) + +Package pdftex.def Info: ./images/hip-ale-mon.png used on input line 447. +(pdftex.def) Requested size: 252.0pt x 145.39377pt. +<./images/hip-ale-t.png, id=63, 984.67876pt x 568.1225pt> +File: ./images/hip-ale-t.png Graphic file (type png) + +Package pdftex.def Info: ./images/hip-ale-t.png used on input line 456. +(pdftex.def) Requested size: 252.0pt x 145.39377pt. +<./images/osha-ale-mon.png, id=64, 984.67876pt x 568.1225pt> +File: ./images/osha-ale-mon.png Graphic file (type png) + +Package pdftex.def Info: ./images/osha-ale-mon.png used on input line 465. +(pdftex.def) Requested size: 252.0pt x 145.39377pt. +<./images/osha-ale-t.png, id=65, 984.67876pt x 568.1225pt> +File: ./images/osha-ale-t.png Graphic file (type png) + +Package pdftex.def Info: ./images/osha-ale-t.png used on input line 474. +(pdftex.def) Requested size: 252.0pt x 145.39377pt. + [9 <./images/Obj1.png> <./images/car-ale-mon.png> <./images/car-ale-t.png> <./ +images/hip-ale-mon.png>] +Underfull \hbox (badness 4120) in paragraph at lines 484--485 +[]\OT1/ptm/m/n/10 In all Figures that presented expected time losses, + [] + +[10 <./images/hip-ale-t.png> <./images/osha-ale-mon.png> <./images/osha-ale-t.p +ng>] + +LaTeX Warning: Reference `ch:example-networks' on page 11 undefined on input li +ne 501. + + +Underfull \hbox (badness 8056) in paragraph at lines 501--502 +[]\OT1/ptm/m/n/10 This work presented and implemented a SEIRDS + [] + + +Underfull \hbox (badness 1688) in paragraph at lines 501--502 +\OT1/ptm/m/n/10 maintaining compliance. This approach is shown to be + [] + +(./output/Schrick-Noah_CG-Ep-Modeling.bbl +Underfull \hbox (badness 1681) in paragraph at lines 17--21 +\OT1/ptm/m/n/8 T. Chumachenko, ``Simulation of covid-19 dynamics using ridge + [] + + +Underfull \hbox (badness 3579) in paragraph at lines 74--78 +\OT1/ptm/m/n/8 sensor networks,'' in \OT1/ptm/m/it/8 2021 International Balkan +Conference on + [] + +[11] +Underfull \hbox (badness 2865) in paragraph at lines 94--97 +\OT1/ptm/m/n/8 structure, dynamics, and function using networkx,'' Available: + [] + + +Underfull \hbox (badness 6412) in paragraph at lines 99--103 +[]\OT1/ptm/m/n/8 K. Ushey, J. Allaire, and Y. Tang, \OT1/ptm/m/it/8 Reticulate: + Interface to + [] + +) + +** Conference Paper ** +Before submitting the final camera ready copy, remember to: + + 1. Manually equalize the lengths of two columns on the last page + of your paper; + + 2. Ensure that any PostScript and/or PDF output post-processing + uses only Type 1 fonts and that every step in the generation + process uses the appropriate paper size. + +[12 + +] (./output/Schrick-Noah_CG-Ep-Modeling.aux) + *********** +LaTeX2e <2023-11-01> patch level 1 +L3 programming layer <2024-02-20> + *********** + + +LaTeX Warning: There were undefined references. + + +LaTeX Warning: Label(s) may have changed. Rerun to get cross-references right. + + ) +Here is how much of TeX's memory you used: + 5655 strings out of 476076 + 97149 string characters out of 5793775 + 1955187 words of memory out of 5000000 + 27705 multiletter control sequences out of 15000+600000 + 596834 words of font info for 100 fonts, out of 8000000 for 9000 + 14 hyphenation exceptions out of 8191 + 57i,18n,65p,1724b,532s stack positions out of 10000i,1000n,20000p,200000b,200000s + +Output written on ./output/Schrick-Noah_CG-Ep-Modeling.pdf (12 pages, 392875 by +tes). +PDF statistics: + 153 PDF objects out of 1000 (max. 8388607) + 78 compressed objects within 1 object stream + 0 named destinations out of 1000 (max. 500000) + 71 words of extra memory for PDF output out of 10000 (max. 10000000) + diff --git a/output/Schrick-Noah_CG-Ep-Modeling.pdf b/output/Schrick-Noah_CG-Ep-Modeling.pdf new file mode 100644 index 0000000..428e88b Binary files /dev/null and b/output/Schrick-Noah_CG-Ep-Modeling.pdf differ